User tests: Successful: Unsuccessful:
Pull Request for Issue # .
This removes redundant access check from admin Articles model.
Code review. See that we already filter by access in the query:
joomla-cms/administrator/components/com_content/models/articles.php
Lines 250 to 256 in 88bcd98
Alternatively, you can check that this snippet (placed somehwere in frontend/site, e.g. in Protostar index file) doesn't return unauthorized articles. Where $accessLevel
is some access level ID:
JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_content/models', 'ContentModel');
$model = JModelLegacy::getInstance('Articles', 'ContentModel', array('ignore_request' => true));
$model->setState('params', JFactory::getApplication()->getParams());
$model->setState('filter.access', $accessLevel);
$articles = $model->getItems();
var_dump($articles);
No.
Status | New | ⇒ | Pending |
Category | ⇒ | Administration com_content |
Labels |
Added:
?
|
I have tested this item
I created two articles in the same menu: one with permission public and the other one with permission registered. By navigating on this menu we can only see the article with public access and when a user log in the second articles with permission registered appears.
Status | Pending | ⇒ | Ready to Commit |
Ready to Commit after two successful tests.
Since the extended method now does nothing useful, it can be removed too (no, there are no B/C issues with that).
Labels |
Added:
?
|
Updated.
Status | Ready to Commit | ⇒ | Fixed in Code Base |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2018-08-02 22:30:39 |
Closed_By | ⇒ | mbabker |
I have tested this item✅ successfully on 8d3d71e
What I tested:
On administrator site, create a new article with permission Super Users. After that I created a new user and added him to the administration group. I logged in with the newly created user and filtered for Super Users: No articles appear.
@icampus
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/21169.