From 6f35f304c02083714f11677b25a8fec28207c105 Mon Sep 17 00:00:00 2001 From: Marcel Werk Date: Thu, 23 Jun 2016 21:44:07 +0200 Subject: [PATCH] Added simple acl implementation for cms pages --- wcfsetup/install/files/lib/data/menu/item/MenuItem.class.php | 2 +- wcfsetup/install/files/lib/data/page/Page.class.php | 4 ++-- wcfsetup/install/files/lib/page/CmsPage.class.php | 4 ++++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/wcfsetup/install/files/lib/data/menu/item/MenuItem.class.php b/wcfsetup/install/files/lib/data/menu/item/MenuItem.class.php index 17ab7bd1bf..be074a5733 100644 --- a/wcfsetup/install/files/lib/data/menu/item/MenuItem.class.php +++ b/wcfsetup/install/files/lib/data/menu/item/MenuItem.class.php @@ -122,7 +122,7 @@ class MenuItem extends DatabaseObject { return false; } - if ($this->getPage() !== null && !$this->getPage()->isVisible()) { + if ($this->getPage() !== null && (!$this->getPage()->isVisible() || !$this->getPage()->isAccessible())) { return false; } diff --git a/wcfsetup/install/files/lib/data/page/Page.class.php b/wcfsetup/install/files/lib/data/page/Page.class.php index f450da8a48..4945b770a6 100644 --- a/wcfsetup/install/files/lib/data/page/Page.class.php +++ b/wcfsetup/install/files/lib/data/page/Page.class.php @@ -5,6 +5,7 @@ use wcf\data\ILinkableObject; use wcf\data\ITitledObject; use wcf\data\TDatabaseObjectOptions; use wcf\data\TDatabaseObjectPermissions; +use wcf\system\acl\simple\SimpleAclResolver; use wcf\system\application\ApplicationHandler; use wcf\system\database\util\PreparedStatementConditionBuilder; use wcf\system\exception\SystemException; @@ -225,8 +226,7 @@ class Page extends DatabaseObject implements ILinkableObject, ITitledObject { * @return boolean */ public function isAccessible() { - // @todo - return true; + return SimpleAclResolver::getInstance()->canAccess('com.woltlab.wcf.page', $this->pageID); } /** diff --git a/wcfsetup/install/files/lib/page/CmsPage.class.php b/wcfsetup/install/files/lib/page/CmsPage.class.php index bde08f27cd..14192d4ef3 100644 --- a/wcfsetup/install/files/lib/page/CmsPage.class.php +++ b/wcfsetup/install/files/lib/page/CmsPage.class.php @@ -63,6 +63,10 @@ class CmsPage extends AbstractPage { throw new IllegalLinkException(); } + if (!$this->page->isAccessible()) { + throw new IllegalLinkException(); + } + $this->content = $this->page->getPageContentByLanguage($this->languageID); if (empty($this->content)) { throw new IllegalLinkException(); -- 2.20.1