Commit e07bf5fd authored by alexpott's avatar alexpott

Issue #2337227 by er.pushpinderrana, larowlan: Fixed NodeAccessControlHandler...

Issue #2337227 by er.pushpinderrana, larowlan: Fixed NodeAccessControlHandler performs non-strict in_array check.
parent 29559424
......@@ -140,13 +140,13 @@ protected function checkFieldAccess($operation, FieldDefinitionInterface $field_
// Only users with the administer nodes permission can edit administrative
// fields.
$administrative_fields = array('uid', 'status', 'created', 'promote', 'sticky');
if ($operation == 'edit' && in_array($field_definition->getName(), $administrative_fields)) {
if ($operation == 'edit' && in_array($field_definition->getName(), $administrative_fields, TRUE)) {
return AccessResult::allowedIfHasPermission($account, 'administer nodes');
}
// No user can change read only fields.
$read_only_fields = array('changed', 'revision_timestamp', 'revision_uid');
if ($operation == 'edit' && in_array($field_definition->getName(), $read_only_fields)) {
if ($operation == 'edit' && in_array($field_definition->getName(), $read_only_fields, TRUE)) {
return AccessResult::forbidden();
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment