4 anni fa · 660b78d9e2
--- a/server/graph/resolvers/page.js
+++ b/server/graph/resolvers/page.js
@@ -57,7 +57,8 @@ module.exports = {
 
															           results: _.filter(resp.results, r => {
														
 
															             return WIKI.auth.checkAccess(context.req.user, ['read:pages'], {
														
 
															               path: r.path,
														
 
															-              locale: r.locale
														
 
															+              locale: r.locale,
														
 
															+              tags: r.tags // Tags are needed since access permissions can be limited by page tags too
														
 
															             })
														
 
															           })
														
 
															         }
														
--- a/server/modules/search/db/engine.js
+++ b/server/modules/search/db/engine.js
@@ -21,7 +21,11 @@ module.exports = {
 
															    */
														
 
															   async query(q, opts) {
														
 
															     const results = await WIKI.models.pages.query()
														
 
															-      .column('id', 'title', 'description', 'path', 'localeCode as locale')
														
 
															+      .column('pages.id', 'title', 'description', 'path', 'localeCode as locale')
														
 
															+      .withGraphJoined('tags') // Adding page tags since they can be used to check resource access permissions
														
 
															+      .modifyGraph('tags', builder => {
														
 
															+        builder.select('tag')
														
 
															+      })
														
 
															       .where(builder => {
														
 
															         builder.where('isPublished', true)
														
 
															         if (opts.locale) {