github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-26 11:32:11 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Category.find_by_slug

Browse Source 
find_by_slug should ensure that the parent actually exists when its
looking for a parent.
This commit is contained in:
Daniel Waterworth
2019-10-15 16:39:09 +01:00
parent e83c2488a2
commit 5f5b232cde
3 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/categories_controller.rb
View File

@ -206,6 +206,9 @@ class CategoriesController < ApplicationController
def find_by_slug
params.require(:category_slug)
@category = Category.find_by_slug(params[:category_slug], params[:parent_category_slug])
raise Discourse::NotFound unless @category.present?
if !guardian.can_see?(@category)
if SiteSetting.detailed_404 && group = @category.access_category_via_group
raise Discourse::InvalidAccess.new(