search

flarum / issue-archive

0 stars 0 forks source link

Approval can be circumvented #207

Open JCKodel opened 4 years ago

JCKodel commented 4 years ago

Bug Report

Current Behavior The approval can be circumvented.

Steps to Reproduce

  1. User create a post on a tag that requires approval
  2. Moderator undo the signaling (not approving it) or delete the post
  3. User post a new content in the same post
  4. Post is visible for anyone

Expected Behavior 1) If I delete a post in a discussion that only have 1 post, the discussion should be hidden! 2) Removing the moderator signal from an unapproved discussion should not allow replies (or, better yet: automaticaly lock the discussion and inform the user why it was not approved)

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. We do this to keep the amount of open issues to a manageable minimum. In any case, thanks for taking an interest in this software and contributing by opening the issue in the first place!

stale[bot] commented 3 years ago

We are closing this issue as it seems to have grown stale. If you still encounter this problem with the latest version, feel free to re-open it.

luceos commented 3 years ago

The problem here is that you can reply to a discussion where OP was deleted then. The discussion by itself should have been deleted completely and be no longer accessible for writing.

Ref similar discussion flarum/issue-archive#205