Closed dieterbaier closed 2 years ago
@dieterbaier thanks for reporting the issue can you confirm OSSN version you are running?
Created a friends only post on
https://demo.opensource-socialnetwork.org/post/view/42
Viewing the URL as non loggedin visitor getting 404 error
Sorry I can confirm there is some kind of bug here. Need to look deep. Steps to reproduce
[Admin or non admin user]
Fixed in OSSN 6.2 you may apply patch with above details. https://github.com/opensource-socialnetwork/opensource-socialnetwork/commit/5b359feddfb97588dfac4c4b1ebc591398b66fc1
Seems users wall section got less attention when we created post filtering for blocked users.
Thanks for the fast response :-) Awesome work!
Sorry for this issue! Maybe it works as it is supposed to work!? At least for my situation I could 'work around' with the component 'ProfAccess 2.0'. This component enabled disallows any non signed in user to view the profile of a posting user and therefore can also not see any private post. Still it's a bit funny, that private posts get filtered on the profile page as long a user is signed in but not, when a unsigned user would visit a profile... I keep the following issue open; but feel free to close it, if the system really works, as it is supposed to work!
If a user set the privacy on a post to 'friends only', this post is supposed to be shown only to signed in users who are 'in connection' with the user. Right?
When the site is not 'private' (e.g. with the component 'Private Network') I expect, that at least the 'private' posts will not be displayed for users not signed in. Am I right?
This seams to work, if a user not signed in tries to open a post directly. BUT: if such a user follows the link to the timeline of the posting user, the not signed in user gets all post displayed. Also the private ones.
You can check it out: https://ossn.dieterbaier.eu/post/view/35 (public post; will be displayed to a not signed in visitor); https://ossn.dieterbaier.eu/post/view/34 (private post; will not be displayed on opening the link directly; but if you follow the link to the users timeline, you'll see this post, eventhough you are not signed in).