-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[5.0] functions allowAdd is looking for filter_category_id that does not exist anymore. #43217
Comments
I am unable to replicate this. What am I missing? I created a category (cat1) I created a new article and the category select does not show cat1 so I cannot save in cat1 I display the list of articles and filter by the forbidden category (cat1) |
It should already fail when you try to add the article, and not allow the edit view. joomla-cms/administrator/components/com_content/src/Controller/ArticleController.php Line 143 in be506c0
Just remove legacy hathor way of doing things, and move to how it should work. |
you stated that you can create an article in a category where you do not have permission to do so. I cannot replicate that. I'm not going to waste my time any further |
@brianteeman always an pleasure to deal with you. Looks like @Hackwar removed the legacy filter #43230 @Hackwar maybe you can add 2 line of code to fix this issue
Or just remove the whole thing as the filters can be an array and how do we know for which one to take. |
Steps to reproduce the issue
Noticed when filtering on category in the articles view and click add on a category were users should not have permission to create an article, they can still do it.
In Joomla 3 the hathor template had all the filter fields hard coded in the template files with filter_category_id, but Joomla 5 is using the filter_articles.xml and the filter name has changed from filter_category_id to category_id.
A quick search in the source for filter_category_id show Banners, Articles and Newsfeeds are affected by the same issue.
Expected result
User should not be able to create an article from a filtered category where they do not have create access.
Actual result
User can create an article in the articles view when category filter is enabled.
System information (as much as possible)
Joomla 5.0
Additional comments
There are more legacy filter code left in article model from hathor template. All the filters in the populateState is not required anymore as there is new code in ListModel to take care of it.
The text was updated successfully, but these errors were encountered: