MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Clarify permissions, see #1886

pull/1888/head
Richard van den Berg 2017-02-04 17:39:17 +01:00
parent c8a0b0d870
commit 5141011c9e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Model/Attribute.php
View File

@ -1593,7 +1593,7 @@ class Attribute extends AppModel {
}
public function text($user, $type, $tags = false, $eventId = false, $allowNonIDS = false, $from = false, $to = false, $last = false, $enforceWarninglist = false, $allowNotPublished = false) {
//restricting to non-private or same org if the user is not a site-admin.
//permissions are taken care of in fetchAttributes()
$conditions['AND'] = array();
if ($allowNonIDS === false) {
$conditions['AND']['Attribute.to_ids'] = 1;