pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Merge pull request from GHSA-mrqx-mjc4-vfh3

Browse Source 
AnnotationController: fix improper authorization vulnerability
This commit is contained in:
Jérémy Benoist
2023-02-01 09:32:22 +01:00
committed by GitHub
parent 0f7460dbab 3ed7f2b751
commit 5ac6b6bff9
6 changed files with 173 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php
View File

@ -932,7 +932,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$annotationsReset = $em
->getRepository('WallabagAnnotationBundle:Annotation')
->findAnnotationsByPageId($entry->getId(), $user->getId());
->findByEntryIdAndUserId($entry->getId(), $user->getId());
$this->assertEmpty($annotationsReset, 'Annotations were reset');
@ -1040,7 +1040,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$annotationsReset = $em
->getRepository('WallabagAnnotationBundle:Annotation')
->findAnnotationsByPageId($annotationArchived->getId(), $user->getId());
->findByEntryIdAndUserId($annotationArchived->getId(), $user->getId());
$this->assertEmpty($annotationsReset, 'Annotations were reset');
}
@ -1097,7 +1097,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$annotationsReset = $em
->getRepository('WallabagAnnotationBundle:Annotation')
->findAnnotationsByPageId($entry->getId(), $user->getId());
->findByEntryIdAndUserId($entry->getId(), $user->getId());
$this->assertEmpty($annotationsReset, 'Annotations were reset');
}