MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [ACL] Unpublished private for object do not apply for site admin

pull/6136/head
Jakub Onderka 2020-07-25 18:37:30 +02:00
parent f0f826841e
commit 03c78fedf7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Model/MispObject.php
View File

@ -581,7 +581,7 @@ class MispObject extends AppModel
$params['page'] = $options['page'];
}
}
if (Configure::read('MISP.unpublishedprivate')) {
if (Configure::read('MISP.unpublishedprivate') && !$user['Role']['perm_site_admin']) {
$params['conditions']['AND'][] = array('OR' => array('Event.published' => 1, 'Event.orgc_id' => $user['org_id']));
}
$results = $this->find('all', $params);