Details
-
Bug
-
Resolution: Fixed
-
Medium
-
2.5.1
Description
PermissionService#hasAnyUserPermission checks whether there is a current user when it shouldn't. As a result a plugin developer cannot invoke any method protected by hasAnyPermission authorization in a runWithPermission