From: Joshua Rüsweg <ruesweg@woltlab.com>
Date: Sun, 23 Jun 2019 12:48:33 +0000 (+0200)
Subject: Fix missing permission check for user profile containers
X-Git-Tag: 5.2.0_Alpha_1~19^2^2~1
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=3d927eb3aa96cb5f8ba8aa59aa77f51296fb5535;p=GitHub%2FWoltLab%2FWCF.git

Fix missing permission check for user profile containers
---

diff --git a/wcfsetup/install/files/lib/data/user/profile/menu/item/UserProfileMenuItemAction.class.php b/wcfsetup/install/files/lib/data/user/profile/menu/item/UserProfileMenuItemAction.class.php
index eae832d3aa..5c96401a69 100644
--- a/wcfsetup/install/files/lib/data/user/profile/menu/item/UserProfileMenuItemAction.class.php
+++ b/wcfsetup/install/files/lib/data/user/profile/menu/item/UserProfileMenuItemAction.class.php
@@ -1,6 +1,8 @@
 <?php
 namespace wcf\data\user\profile\menu\item;
 use wcf\data\AbstractDatabaseObjectAction;
+use wcf\system\cache\runtime\UserProfileRuntimeCache;
+use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\menu\user\profile\UserProfileMenu;
@@ -44,6 +46,16 @@ class UserProfileMenuItemAction extends AbstractDatabaseObjectAction {
 		if (!$this->menuItem->getContentManager()->isVisible($this->parameters['data']['userID'])) {
 			throw new PermissionDeniedException();
 		}
+		
+		$user = UserProfileRuntimeCache::getInstance()->getObject($this->parameters['data']['userID']);
+		
+		if ($user === null) {
+			throw new IllegalLinkException();
+		}
+		
+		if ($user->isProtected()) {
+			throw new PermissionDeniedException();
+		}
 	}
 	
 	/**