mirror of
https://github.com/silverstripe/silverstripe-comments
synced 2024-10-22 11:05:49 +02:00
If user cannot view record then prevent comment
This commit is contained in:
parent
fb3cc1b861
commit
85e8384151
@ -363,6 +363,11 @@ class CommentsExtension extends DataExtension
|
|||||||
if (!$this->owner->CommentsEnabled) {
|
if (!$this->owner->CommentsEnabled) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!$this->owner->canView($member)) {
|
||||||
|
// deny if current user cannot view the underlying record.
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// Check if member is required
|
// Check if member is required
|
||||||
$requireLogin = $this->owner->CommentsRequireLogin;
|
$requireLogin = $this->owner->CommentsRequireLogin;
|
||||||
|
Loading…
Reference in New Issue
Block a user