Commit 7c6edc16 authored by Tino Goratsch's avatar Tino Goratsch

check the ACL permissions for widgets too

parent e1c33fa0
......@@ -60,11 +60,7 @@ abstract class AbstractFrontendAction extends Core\Controller\AbstractWidgetActi
*/
public function preDispatch()
{
$path = $this->request->getArea() . '/' . $this->request->getFullPathWithoutArea();
if ($this->acl->hasPermission($path) === false) {
throw new Core\ACL\Exception\AccessForbiddenException();
}
parent::preDispatch();
$this->view->assign([
'PHP_SELF' => $this->appPath->getPhpSelf(),
......@@ -82,8 +78,6 @@ abstract class AbstractFrontendAction extends Core\Controller\AbstractWidgetActi
'LANG' => $this->translator->getShortIsoCode(),
]);
parent::preDispatch();
return $this;
}
......
......@@ -94,9 +94,16 @@ abstract class AbstractWidgetAction implements ActionInterface
/**
* @return $this
* @throws Core\ACL\Exception\AccessForbiddenException
*/
public function preDispatch()
{
$path = $this->request->getArea() . '/' . $this->request->getFullPathWithoutArea();
if ($this->acl->hasPermission($path) === false) {
throw new Core\ACL\Exception\AccessForbiddenException();
}
return $this;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment