X-Git-Url: http://aleph1.co.uk/gitweb/?a=blobdiff_plain;f=web%2Fcore%2Fmodules%2Fcomment%2Fsrc%2FCommentAccessControlHandler.php;h=6e811a97d31f6ecbeb61526b38f5dce022686c48;hb=1c1cb0980bfa6caf0c24cce671b6bb541dc87583;hp=bcb0fd7a082b6bee5aa25c9bde70f01575cfafea;hpb=a2bd1bf0c2c1f1a17d188f4dc0726a45494cefae;p=yaffs-website

diff --git a/web/core/modules/comment/src/CommentAccessControlHandler.php b/web/core/modules/comment/src/CommentAccessControlHandler.php
index bcb0fd7a0..6e811a97d 100644
--- a/web/core/modules/comment/src/CommentAccessControlHandler.php
+++ b/web/core/modules/comment/src/CommentAccessControlHandler.php
@@ -45,7 +45,12 @@ class CommentAccessControlHandler extends EntityAccessControlHandler {
         return $access_result;
 
       case 'update':
-        return AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        $access_result = AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))
+          ->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        if (!$access_result->isAllowed()) {
+          $access_result->setReason("The 'edit own comments' permission is required, the user must be the comment author, and the comment must be published.");
+        }
+        return $access_result;
 
       default:
         // No opinion.