fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-04 17:21:39 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix #2119 being allowed to set 0 as category_srl

Browse source
This commit is contained in:
Kijin Sung 2023-06-19 21:55:24 +09:00
parent b8465cc022
commit 73c60b1297
2 changed files with 29 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

28
modules/board/board.controller.php
View file

@ -62,6 +62,34 @@ class BoardController extends Board
throw new Rhymix\Framework\Exception('msg_content_too_long');
}
// Check category
$category_list = DocumentModel::getCategoryList($this->module_srl);
if (count($category_list) > 0)
{
if ($obj->category_srl)
{
if (isset($category_list[$obj->category_srl]))
{
if (!$category_list[$obj->category_srl]->grant)
{
return new BaseObject(-1, 'msg_not_permitted');
}
}
else
{
$obj->category_srl = 0;
}
}
if (!$obj->category_srl && ($this->module_info->allow_no_category ?? 'N') !== 'Y')
{
if (!$this->grant->manager)
{
throw new Rhymix\Framework\Exception('categoryneeded');
}
}
}
// unset document style if not manager
if(!$this->grant->manager)
{

2
modules/board/board.view.php
View file

@ -926,7 +926,7 @@ class BoardView extends Board
/**
* add JS filters
**/
if(Context::get('logged_info')->is_admin == 'Y' || $this->module_info->allow_no_category == 'Y')
if($this->grant->manager || $this->module_info->allow_no_category == 'Y')
{
Context::addJsFilter($this->module_path.'tpl/filter', 'insert_admin.xml');
}