From ca526b08c32ffe171368c1f6e456a8bfffa287d7 Mon Sep 17 00:00:00 2001
From: Daniel Hensby
Date: Thu, 14 Jul 2016 16:57:16 +0100
Subject: [PATCH 1/2] [SS-2016-012] FIX Missing ACL check on ReportAdmin
This issue exposed reports to users able to guess the URL of a Report that they were not allowed to view the report
---
code/ReportAdmin.php | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/code/ReportAdmin.php b/code/ReportAdmin.php
index f1e35fa1..7e8678e4 100644
--- a/code/ReportAdmin.php
+++ b/code/ReportAdmin.php
@@ -34,10 +34,12 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider {
 */
 protected $reportClass;
+ /**
+ * @var SS_Report
+ */
 protected $reportObject;
 public function init() {
- parent::init();
 //set the report we are currently viewing from the URL
 $this->reportClass = (isset($this->urlParams['ReportClass']) && $this->urlParams['ReportClass'] !== 'index')
@@ -46,6 +48,8 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider {
 $allReports = SS_Report::get_reports();
 $this->reportObject = (isset($allReports[$this->reportClass])) ? $allReports[$this->reportClass] : null;
+ parent::init();
+
 // Set custom options for TinyMCE specific to ReportAdmin
 HtmlEditorConfig::get('cms')->setOption('content_css', project() . '/css/editor.css');
 HtmlEditorConfig::get('cms')->setOption('Lang', i18n::get_tinymce_lang());
@@ -69,7 +73,8 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider {
 if(!parent::canView($member)) return false;
- $hasViewableSubclasses = false;
+ if ($this->reportObject) return $this->reportObject->canView($member);
+
 foreach($this->Reports() as $report) {
 if($report->canView($member)) return true;
 }
From a0eda1edd1d9446eef67dfd37ce30256ce37ee98 Mon Sep 17 00:00:00 2001
From: Damian Mooyman
Date: Mon, 14 Nov 2016 10:04:09 +1300
Subject: [PATCH 2/2] Increment 3 alias to 3.6
---
composer.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
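Review bot: The new early return in canView() is only effective because the second hunk moves `parent::init()` below the report lookup, so that `$this->reportObject` is already resolved when the access check in `parent::init()` (presumably LeftAndMain's canView guard) runs; nothing in the code records that this ordering is load-bearing. A comment above the moved call, `// Resolve the report before parent::init() so its access check sees $this->reportObject (SS-2016-012)`, would keep a later tidy-up from moving the call back to the top and silently reintroducing the bypass. Note also that when the URL names a class that is not in `SS_Report::get_reports()`, `$this->reportObject` stays null and canView() falls through to the any-report-viewable loop rather than denying; that is probably harmless since no report is rendered, but it is worth confirming against what the controller then shows. canView()'s body continues outside the hunk.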
diff --git a/composer.json b/composer.json
index f585dfce..6cfd72c7 100644
--- a/composer.json
+++ b/composer.json
@@ -21,7 +21,7 @@
 },
 "extra": {
 "branch-alias": {
- "3.x-dev": "3.5.x-dev"
+ "3.x-dev": "3.6.x-dev"
 }
 },
 "require-dev": {