mattrogowski
Well-known member
- Affected version
- 2.2.4
If you have an album in a category, both the album and the media will have
If you delete the album, the media inside is still accessible if you know the URL. I'm assuming that despite being in a category, if the containing album is deleted it wouldn't be desired to still view the media.
should maybe be:
Or maybe cleaning it up some other way. Either way it needs to also check
category_id populated.If you delete the album, the media inside is still accessible if you know the URL. I'm assuming that despite being in a category, if the containing album is deleted it wouldn't be desired to still view the media.
PHP:
if ($this->category_id && $this->Category)
{
$canView = $this->Category->canView($error);
}
else if ($this->album_id && $this->Album)
{
$canView = $this->Album->canView($error);
}should maybe be:
PHP:
if ($this->category_id && $this->Category)
{
$canView = $this->Category->canView($error);
}
if ($canView && $this->album_id && $this->Album)
{
$canView = $this->Album->canView($error);
}Or maybe cleaning it up some other way. Either way it needs to also check
Album->canView as right now it's just going by the category permissions. The category is also an album category, so doesn't have media directly inside it.
