From a1ea239c8f249d6874edad78972a840a16027712 Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Thu, 7 Apr 2016 17:14:12 +1200
Subject: [PATCH] Enforcing can*() in CampaignAdmin reads

---
 admin/code/CampaignAdmin.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/admin/code/CampaignAdmin.php b/admin/code/CampaignAdmin.php
index b9659cd3d..1f0a6855b 100644
--- a/admin/code/CampaignAdmin.php
+++ b/admin/code/CampaignAdmin.php
@@ -240,6 +240,10 @@ JSON;
 			'_embedded' => ['ChangeSetItems' => []]
 		];
 		foreach($changeSet->Changes() as $changeSetItem) {
+			if(!$changeSetItem) {
+				continue;
+			}
+
 			/** @var ChangesetItem $changeSetItem */
 			$resource = $this->getChangeSetItemResource($changeSetItem);
 			$hal['_embedded']['ChangeSetItems'][] = $resource;
@@ -294,7 +298,10 @@ JSON;
 	 */
 	protected function getListItems() {
 		return ChangeSet::get()
-			->filter('State', ChangeSet::STATE_OPEN);
+			->filter('State', ChangeSet::STATE_OPEN)
+			->filterByCallback(function($item) {
+				return ($item->canView());
+			});
 	}