From 1061e17fe97043d115a026d92ba098c8ea91c536 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Nahan <814683+macintoshplus@users.noreply.github.com> Date: Thu, 6 Mar 2025 15:09:40 +0100 Subject: [PATCH] :bug: Change the check way to check if the user have right to change some property --- .../Backend/ContentEditController.php | 21 +++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/src/Controller/Backend/ContentEditController.php b/src/Controller/Backend/ContentEditController.php index b5efac584..b1c3eaf4a 100644 --- a/src/Controller/Backend/ContentEditController.php +++ b/src/Controller/Backend/ContentEditController.php @@ -178,21 +178,16 @@ public function save(?Content $originalContent = null, ?ContentValidatorInterfac // check for status changes if ($originalContent !== null) { - // deny if we detect the status field being changed - if ($originalStatus !== $content->getStatus() ) { - $this->denyAccessUnlessGranted(ContentVoter::CONTENT_CHANGE_STATUS, $content); + // revert the propery change if the current user dont have right + if ($this->isGranted(ContentVoter::CONTENT_CHANGE_STATUS, $content) === false) { + $content->setStatus($originalStatus); + $content->setPublishedAt($originalPublishedAt); + $content->setDepublishedAt($originalDepublishedAt); } - // deny if we detect the publication dates field being changed - if (($originalPublishedAt !== null && Date::datesDiffer($originalPublishedAt, $content->getPublishedAt())) || - ($originalDepublishedAt !== null && Date::datesDiffer($originalDepublishedAt, $content->getDepublishedAt())) - ) { - $this->denyAccessUnlessGranted(ContentVoter::CONTENT_CHANGE_STATUS, $content); - } - - // deny if owner changes - if ($originalAuthor !== $content->getAuthor()) { - $this->denyAccessUnlessGranted(ContentVoter::CONTENT_CHANGE_OWNERSHIP, $content); + // revert the owner property if the current user dont have right + if ($this->isGranted(ContentVoter::CONTENT_CHANGE_OWNERSHIP, $content) === false) { + $content->setAuthor($originalAuthor); } }