From efd9f71897868daafa8a18b212c679a68611f132 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen <sebastiaan@umbraco.com>
Date: Mon, 9 Nov 2020 10:16:01 +0100
Subject: [PATCH] Limit access to logviewer endpoints to people with access to
 the settings section

---
 src/Umbraco.Web/Editors/LogViewerController.cs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/Umbraco.Web/Editors/LogViewerController.cs b/src/Umbraco.Web/Editors/LogViewerController.cs
index d48de8a00a..9bdf305946 100644
--- a/src/Umbraco.Web/Editors/LogViewerController.cs
+++ b/src/Umbraco.Web/Editors/LogViewerController.cs
@@ -6,6 +6,7 @@ using Umbraco.Core.Models;
 using Umbraco.Core.Persistence.DatabaseModelDefinitions;
 using Umbraco.Web.Mvc;
 using Umbraco.Web.WebApi;
+using Umbraco.Web.WebApi.Filters;
 
 namespace Umbraco.Web.Editors
 {
@@ -13,6 +14,7 @@ namespace Umbraco.Web.Editors
     /// Backoffice controller supporting the dashboard for viewing logs with some simple graphs & filtering
     /// </summary>
     [PluginController("UmbracoApi")]
+    //[UmbracoApplicationAuthorize(Core.Constants.Applications.Settings)]
     public class LogViewerController : UmbracoAuthorizedJsonController
     {
         private readonly ILogViewer _logViewer;