diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php index 41041673f9..beeaa0c4f7 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php @@ -87,7 +87,7 @@ class Feed implements ControllerProviderInterface $entry = \Feed_Entry_Adapter::load_from_id($appbox, $id); - if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id()) { + if (!$entry->is_publisher($user)) { throw new \Exception_UnauthorizedAction(); } @@ -107,7 +107,7 @@ class Feed implements ControllerProviderInterface $entry = \Feed_Entry_Adapter::load_from_id($appbox, $id); - if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id()) { + if (!$entry->is_publisher($user)) { throw new \Exception_UnauthorizedAction(); } @@ -186,7 +186,7 @@ class Feed implements ControllerProviderInterface $entry = \Feed_Entry_Adapter::load_from_id($appbox, $id); - if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id() + if (!$entry->is_publisher($user) && $entry->get_feed()->is_owner($user) === false) { throw new \Exception_UnauthorizedAction(_('Action Forbidden : You are not the publisher')); } diff --git a/lib/classes/Feed/Adapter.class.php b/lib/classes/Feed/Adapter.class.php index d210684e7d..18059069bb 100644 --- a/lib/classes/Feed/Adapter.class.php +++ b/lib/classes/Feed/Adapter.class.php @@ -224,7 +224,11 @@ class Feed_Adapter extends Feed_Abstract implements Feed_Interface, cache_cachea { $this->load_publishers(); - return $this->owner->get_user()->get_id() === $user->get_id(); + if ($this->owner) { + return $this->owner->get_user()->get_id() === $user->get_id(); + } + + return false; } /** @@ -318,10 +322,15 @@ class Feed_Adapter extends Feed_Abstract implements Feed_Interface, cache_cachea $stmt->closeCursor(); foreach ($rs as $row) { - $publisher = new Feed_Publisher_Adapter($this->appbox, $row['id']); + try { + $publisher = new Feed_Publisher_Adapter($this->appbox, $row['id']); + } catch (\Exception_Feed_PublisherNotFound $e) { + continue; + } $this->publishers[$row['usr_id']] = $publisher; - if ($publisher->is_owner()) + if ($publisher->is_owner()) { $this->owner = $publisher; + } } return $this->publishers; diff --git a/lib/classes/Feed/Entry/Adapter.class.php b/lib/classes/Feed/Entry/Adapter.class.php index 829d9ef105..471d368347 100644 --- a/lib/classes/Feed/Entry/Adapter.class.php +++ b/lib/classes/Feed/Entry/Adapter.class.php @@ -373,8 +373,13 @@ class Feed_Entry_Adapter implements Feed_Entry_Interface, cache_cacheableInterfa */ public function get_publisher() { - if ( ! $this->publisher instanceof Feed_Publisher_Adapter) - $this->publisher = new Feed_Publisher_Adapter($this->appbox, $this->publisher_id); + if ( ! $this->publisher instanceof Feed_Publisher_Adapter) { + try { + $this->publisher = new Feed_Publisher_Adapter($this->appbox, $this->publisher_id); + } catch (\Exception_Feed_PublisherNotFound $e) { + + } + } return $this->publisher; } @@ -386,7 +391,13 @@ class Feed_Entry_Adapter implements Feed_Entry_Interface, cache_cacheableInterfa */ public function is_publisher(User_adapter $user) { - return $user->get_id() === $this->get_publisher()->get_user()->get_id(); + $publisher = $this->get_publisher(); + + if ($publisher instanceof Feed_Publisher_Interface) { + return $user->get_id() === $publisher->get_user()->get_id(); + } + + return false; } /** diff --git a/lib/classes/Feed/Publisher/Adapter.class.php b/lib/classes/Feed/Publisher/Adapter.class.php index ef4590ab2d..54648d47ca 100644 --- a/lib/classes/Feed/Publisher/Adapter.class.php +++ b/lib/classes/Feed/Publisher/Adapter.class.php @@ -95,7 +95,7 @@ class Feed_Publisher_Adapter implements Feed_Publisher_Interface, cache_cacheabl $stmt->closeCursor(); if ( ! $row) - throw new Exception_Feed_PublisherNotFound(); + throw new Exception_Feed_PublisherNotFound('Publisher is not Found'); $this->user = User_Adapter::getInstance($row['usr_id'], $this->appbox); $this->owner = ! ! $row['owner'];