diff options
author | Simon Rettberg | 2018-04-09 16:56:04 +0200 |
---|---|---|
committer | Simon Rettberg | 2018-04-09 16:56:04 +0200 |
commit | 24815e16087b4b1b64e9f380d45d411af32daf42 (patch) | |
tree | b41206d3cd86ed840d0841826d7c2dc492ed788e /modules-available/news | |
parent | [news] Ask for confirmation when deleting entry (diff) | |
download | slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.tar.gz slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.tar.xz slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.zip |
Permissions: Consistency: Make all pages require at least one permission to be accessible
Closes #3340
Diffstat (limited to 'modules-available/news')
-rw-r--r-- | modules-available/news/page.inc.php | 10 | ||||
-rw-r--r-- | modules-available/news/permissions/permissions.json | 3 |
2 files changed, 5 insertions, 8 deletions
diff --git a/modules-available/news/page.inc.php b/modules-available/news/page.inc.php index e7b70c0f..1e2e3eef 100644 --- a/modules-available/news/page.inc.php +++ b/modules-available/news/page.inc.php @@ -46,14 +46,8 @@ class Page_News extends Page // check which action we need to do $action = Request::any('action', 'show'); - if ($action === 'clear') { - // clear news input fields - // TODO: is this the right way? - $this->newsId = false; - $this->newsTitle = false; - $this->newsContent = false; - $this->newsDate = false; - } elseif ($action === 'show') { + if ($action === 'show') { + User::assertPermission('access-page'); /* load latest things */ $this->loadLatest('help'); $this->loadLatest('news'); diff --git a/modules-available/news/permissions/permissions.json b/modules-available/news/permissions/permissions.json index 0d9435d7..953599df 100644 --- a/modules-available/news/permissions/permissions.json +++ b/modules-available/news/permissions/permissions.json @@ -1,4 +1,7 @@ { + "access-page": { + "location-aware": false + }, "help.delete": { "location-aware": false }, |