mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-05-25 23:21:58 +08:00
Category group moderators could perform privileged actions (claim/unclaim reviewables, delete topics, recover topics, edit posts) on topics inside private categories they did not have read access to. The authorization methods checked `is_category_group_moderator?` without first verifying `can_see_topic?`, and the controllers loaded topics/posts by raw ID without visibility scoping. This adds `can_see_topic?` guards to `can_review_topic?`, `can_delete_topic?`, `can_recover_topic?`, and `can_edit_post?` so that category group moderation power never bypasses category read restrictions.

---

**Security Advisory:** https://github.com/discourse/discourse/security/advisories/GHSA-hjmg-2mww-vfvx
| File |
|---|
| bookmark_guardian_spec.rb |
| flag_guardian_spec.rb |
| invite_guardian_spec.rb |
| localization_guardian_spec.rb |
| post_guardian_spec.rb |
| staff_action_log_guardian_spec.rb |
| tag_guardian_spec.rb |
| topic_guardian_spec.rb |
| upload_guardian_spec.rb |
| user_guardian_spec.rb |