5b5b5a5931
This commit fixes a bug where a user creates a whisper post via the api but is posted as a regular message because they don't have access to whisper. Now a 403 unauthorized will be returned instead of the whisper param just being ignored for regular users. Staff users should not be affected by this change. https://meta.discourse.org/t/a-whisper-is-posted-as-a-message-if-the-user-is-not-staff-moderator-admin-when-using-the-api/116601 |
||
---|---|---|
.. | ||
category_guardian.rb | ||
ensure_magic.rb | ||
group_guardian.rb | ||
post_guardian.rb | ||
post_revision_guardian.rb | ||
tag_guardian.rb | ||
topic_guardian.rb | ||
user_guardian.rb |