yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Do not allow update translations on languages you do not have access to.

Browse Source
This commit is contained in:
Bjarke Berg
2022-08-02 12:50:18 +02:00
parent 30c37ea0f4
commit e5cbd15a7e
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/Umbraco.Web.BackOffice/Controllers/DictionaryController.cs
View File

@@ -271,8 +271,8 @@ public class DictionaryController : BackOfficeNotificationsController
return ValidationProblem("Dictionary item does not exist");
}
CultureInfo? userCulture =
_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.GetUserCulture(_localizedTextService, _globalSettings);
var currentUser = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;
CultureInfo? userCulture = currentUser?.GetUserCulture(_localizedTextService, _globalSettings);
if (dictionary.NameIsDirty)
{
@@ -293,9 +293,15 @@ public class DictionaryController : BackOfficeNotificationsController
dictionaryItem.ItemKey = dictionary.Name!;
}
var allowedLanguageIds = currentUser?.CalculateAllowedLanguageIds(_localizationService);
var allowedLanguageIdHashSet =allowedLanguageIds is null ? new HashSet<int>() : new HashSet<int>(allowedLanguageIds);
foreach (DictionaryTranslationSave translation in dictionary.Translations)
{
_localizationService.AddOrUpdateDictionaryValue(dictionaryItem, _localizationService.GetLanguageById(translation.LanguageId), translation.Translation);
if (allowedLanguageIdHashSet.Contains(translation.LanguageId))
{
_localizationService.AddOrUpdateDictionaryValue(dictionaryItem, _localizationService.GetLanguageById(translation.LanguageId), translation.Translation);
}
}
try