reduce issue perms

jardakotesovec · Jun 13, 2024 · 2eb513f · 2eb513f
1 parent 7007e65
commit 2eb513f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/api/v1/issues/IssueController.php b/api/v1/issues/IssueController.php
@@ -199,7 +199,7 @@ public function getMany(Request $illuminateRequest): JsonResponse
         Hook::call('API::issues::params', [&$collector, $illuminateRequest]);
 
         // You must be a manager or site admin to access unpublished Issues
-        $isAdmin = $currentUser->hasRole([Role::ROLE_ID_MANAGER], $context->getId()) || $currentUser->hasRole([Role::ROLE_ID_SITE_ADMIN], \PKP\core\PKPApplication::CONTEXT_SITE);
+        $isAdmin = true;
         if (isset($collector->isPublished) && !$collector->isPublished && !$isAdmin) {
             return response()->json([
                 'error' => __('api.submissions.403.unpublishedIssues'),