Commit 95b676c8 authored by catch's avatar catch

Issue #1301814 by David_Rothstein: Fixed Comment module security fix from...

Issue #1301814 by David_Rothstein: Fixed Comment module security fix from SA-CORE-2011-003 not yet applied to Drupal 8.
parent 6be0aa47
......@@ -2710,6 +2710,10 @@ function comment_rdf_mapping() {
*/
function comment_file_download_access($field, $entity_type, $entity) {
if ($entity_type == 'comment') {
return user_access('access comments') && $entity->status == COMMENT_PUBLISHED || user_access('administer comments');
if (user_access('access comments') && $entity->status == COMMENT_PUBLISHED || user_access('administer comments')) {
$node = node_load($entity->nid);
return node_access('view', $node);
}
return FALSE;
}
}
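Review bot: The condition on the new `if` line mixes `&&` and `||` without parentheses, so a reader has to rely on PHP operator precedence to see that `administer comments` bypasses the published-status check but not the node check. In an access callback the grouping is worth making explicit: `if ((user_access('access comments') && $entity->status == COMMENT_PUBLISHED) || user_access('administer comments')) {`. A short comment above `node_load()` would record why the node check exists, for example `// A file attached to a comment is only downloadable when the parent node is viewable.`. `node_load()` can return FALSE for a missing node, and the new code appears to rely on `node_access()` denying in that case; a comment saying so, or an explicit `if (!$node) { return FALSE; }`, would keep the fail-closed behaviour visible.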
......@@ -569,6 +569,7 @@ class FileFieldWidgetTestCase extends FileFieldTestCase {
'title' => $this->randomName(),
);
$this->drupalPost('node/add/article', $edit, t('Save'));
$node = $this->drupalGetNodeByTitle($edit['title']);
// Add a comment with a file.
$text_file = $this->getTestFile('text');
......@@ -598,6 +599,18 @@ class FileFieldWidgetTestCase extends FileFieldTestCase {
$this->drupalLogout();
$this->drupalGet(file_create_url($comment_file->uri));
$this->assertResponse(403, t('Confirmed that access is denied for the file without the needed permission.'));
// Unpublishes node.
$this->drupalLogin($this->admin_user);
$edit = array(
'status' => FALSE,
);
$this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
// Ensures normal user can no longer download the file.
$this->drupalLogin($user);
$this->drupalGet(file_create_url($comment_file->uri));
$this->assertResponse(403, t('Confirmed that access is denied for the file without the needed permission.'));
}
}
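Review bot: The second `assertResponse(403, ...)` added at the end of the last hunk reuses the message from the permission test above it, although at that point `$user` is logged in and the denial comes from the node being unpublished. A failure here would be reported as a missing-permission problem; a distinct message such as `t('Confirmed that access is denied for a file attached to a comment on an unpublished node.')` makes the regression this commit guards against identifiable from the test log. The test method starts outside the hunk, so whether `$user` was shown to receive a 200 for the same file while the node was still published cannot be confirmed from here; without that positive control the 403 alone does not prove the node check is what denies access.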