Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

add API method to get File based on name, and fix permission validation for Folder

Browse Source
This commit is contained in:
sbwalker
2023-07-10 08:44:14 -04:00
parent 9a3b458c45
commit c597c4c234
4 changed files with 34 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Oqtane.Server/Controllers/FolderController.cs
View File

@ -43,7 +43,7 @@ namespace Oqtane.Controllers
{
foreach (Folder folder in _folders.GetFolders(SiteId))
{
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.PermissionList))
if (_userPermissions.IsAuthorized(User, PermissionNames.View, folder.PermissionList))
{
folders.Add(folder);
}
@ -64,7 +64,7 @@ namespace Oqtane.Controllers
public Folder Get(int id)
{
Folder folder = _folders.GetFolder(id);
if (folder != null && folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.PermissionList))
if (folder != null && folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.View, folder.PermissionList))
{
return folder;
}
@ -85,7 +85,7 @@ namespace Oqtane.Controllers
folderPath += "/";
}
Folder folder = _folders.GetFolder(siteId, folderPath);
if (folder != null && folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.PermissionList))
if (folder != null && folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.View, folder.PermissionList))
{
return folder;
}