Fixed Post::getTypePermissionConstraints does not cull all nodes a user can't view threads in

Xon

Well-known member
Affected version
2.2.11
XF\Search\Data\Post::getTypePermissionConstraints checks nodes a user can view, and adds non-viewable nodes to a skip list.

However, it doesn't consider the "View thread content" permission. This permission is required when Thread::canView is called for each thread to prune non-viewable threads on display, as such should be just excluded entirely from the query.
 

XF Bug Bot

XenForo bug fixer bot
Staff member
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.12).

Change log:
Exclude nodes where a user can't view thread content from search queries
There may be a delay before changes are rolled out to the XenForo Community.
 
Top