mirror of https://github.com/MISP/MISP
fix: [ACL] Unpublished private for object do not apply for site admin
parent
f0f826841e
commit
03c78fedf7
|
@ -581,7 +581,7 @@ class MispObject extends AppModel
|
|||
$params['page'] = $options['page'];
|
||||
}
|
||||
}
|
||||
if (Configure::read('MISP.unpublishedprivate')) {
|
||||
if (Configure::read('MISP.unpublishedprivate') && !$user['Role']['perm_site_admin']) {
|
||||
$params['conditions']['AND'][] = array('OR' => array('Event.published' => 1, 'Event.orgc_id' => $user['org_id']));
|
||||
}
|
||||
$results = $this->find('all', $params);
|
||||
|
|
Loading…
Reference in New Issue