mirror of
https://github.com/writefreely/writefreely
synced 2024-11-28 11:30:18 +00:00
404 for protected posts when previously authorized
a user who had previously authenticated on a protected collection would still see the post after the owner was silenced, with a banner meant for the owner displayed.
This commit is contained in:
parent
aa405bc57c
commit
4c0e4d04c1
1 changed files with 7 additions and 2 deletions
7
posts.go
7
posts.go
|
@ -1342,8 +1342,13 @@ func viewCollectionPost(app *App, w http.ResponseWriter, r *http.Request) error
|
|||
if c.IsPrivate() && (u == nil || u.ID != c.OwnerID) {
|
||||
return ErrPostNotFound
|
||||
}
|
||||
if c.IsProtected() && ((u == nil || u.ID != c.OwnerID) && !isAuthorizedForCollection(app, c.Alias, r)) {
|
||||
if c.IsProtected() && (u == nil || u.ID != c.OwnerID) {
|
||||
if suspended {
|
||||
return ErrPostNotFound
|
||||
} else if !isAuthorizedForCollection(app, c.Alias, r) {
|
||||
return impart.HTTPError{http.StatusFound, c.CanonicalURL() + "/?g=" + slug}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
cr.isCollOwner = u != nil && c.OwnerID == u.ID
|
||||
|
|
Loading…
Reference in a new issue