yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

https://github.com/umbraco/Umbraco-CMS/issues/10030 - Fixed the two issues reported.

Browse Source
This commit is contained in:
Bjarke Berg
2021-03-23 08:58:18 +01:00
parent fa37ebc107
commit ab9d31e01c
2 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Umbraco.Web.BackOffice/Controllers/ContentController.cs
View File

@@ -36,7 +36,6 @@ using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Attributes;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Extensions;
using Constants = Umbraco.Cms.Core.Constants;
namespace Umbraco.Cms.Web.BackOffice.Controllers
{
@@ -158,7 +157,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
// Authorize...
var resource = new ContentPermissionsResource(content, ActionRights.ActionLetter);
var authorizationResult = await _authorizationService.AuthorizeAsync(User, content, AuthorizationPolicies.ContentPermissionByResource);
var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, AuthorizationPolicies.ContentPermissionByResource);
if (!authorizationResult.Succeeded)
{
return Forbid();

5
src/Umbraco.Web.BackOffice/Controllers/MediaController.cs
View File

@@ -24,7 +24,6 @@ using Umbraco.Cms.Core.Media;
using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Models.ContentEditing;
using Umbraco.Cms.Core.Models.Entities;
using Umbraco.Cms.Core.Models.Membership;
using Umbraco.Cms.Core.Models.Validation;
using Umbraco.Cms.Core.Persistence.Querying;
using Umbraco.Cms.Core.PropertyEditors;
@@ -42,7 +41,6 @@ using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Attributes;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Extensions;
using Constants = Umbraco.Cms.Core.Constants;
namespace Umbraco.Cms.Web.BackOffice.Controllers
{
@@ -647,7 +645,8 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
// Authorize...
var requirement = new MediaPermissionsResourceRequirement();
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _mediaService.GetById(sorted.ParentId), requirement);
var resource = new MediaPermissionsResource(sorted.ParentId);
var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, requirement);
if (!authorizationResult.Succeeded)
{
return Forbid();