Composer lets you edit someone else's post


(Jie Shuang) #1

You can’t save an edit, which is good! But I’d suggest you shouldn’t even be able to open the composer.

Simple repro: Go to bottom of a topic, hit J and/or K up to a few times to select a post. Then hit E and the composer opens an edit window.

If you hit Save Edit, you’ll get “You are not permitted to view the requested resource” which is also probably the wrong error message.

This sure confused the heck out of me when I ran into it a few minutes ago.


(Jeff Atwood) #2

Yes this is a bug, can you add it to your list @techapj?


(Arpit Jalan) #3

Fixed via:

There was a similar issue when non-authorized user tries to delete a post using keyboard shortcut, fixed that too.


(Arpit Jalan) #4