From 0c004085fd79921f36e8e6594cf34e3dfe26dc0a Mon Sep 17 00:00:00 2001
From: Alexey Skobkin <skobkin-ru@ya.ru>
Date: Wed, 3 Apr 2019 18:07:47 +0300
Subject: [PATCH] Fixing privacy in PostController::showAction().

---
 .../Bundle/PointToolsBundle/Controller/PostController.php     | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/Skobkin/Bundle/PointToolsBundle/Controller/PostController.php b/src/Skobkin/Bundle/PointToolsBundle/Controller/PostController.php
index 2022d2e..147d9f7 100644
--- a/src/Skobkin/Bundle/PointToolsBundle/Controller/PostController.php
+++ b/src/Skobkin/Bundle/PointToolsBundle/Controller/PostController.php
@@ -17,6 +17,10 @@ class PostController extends AbstractController
      */
     public function showAction(Post $post, PostRepository $postRepository): Response
     {
+        if ((!$post->getAuthor()->isPublic()) || $post->getAuthor()->isWhitelistOnly()) {
+            throw $this->createNotFoundException('Author\'s blog is private.');
+        }
+
         return $this->render('SkobkinPointToolsBundle:Post:show.html.twig', [
             'post' => $postRepository->getPostWithComments($post->getId()),
         ]);