joomla · HLeithner · Jul 1, 2019 · Jan 5, 2017 · Jan 5, 2017 · Mar 18, 2017
diff --git a/administrator/components/com_banners/models/banner.php b/administrator/components/com_banners/models/banner.php
@@ -231,20 +231,17 @@ protected function batchCopy($value, $pks, $contexts)
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->state != -2)
 		{
-			if ($record->state != -2)
-			{
-				return false;
-			}
-
-			if (!empty($record->catid))
-			{
-				return JFactory::getUser()->authorise('core.delete', 'com_banners.category.' . (int) $record->catid);
-			}
+			return false;
+		}
 
-			return parent::canDelete($record);
+		if (!empty($record->catid))
+		{
+			return JFactory::getUser()->authorise('core.delete', 'com_banners.category.' . (int) $record->catid);
 		}
+
+		return parent::canDelete($record);
 	}
 
 	/**

diff --git a/administrator/components/com_banners/models/client.php b/administrator/components/com_banners/models/client.php
@@ -35,22 +35,19 @@ class BannersModelClient extends JModelAdmin
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->state != -2)
 		{
-			if ($record->state != -2)
-			{
-				return false;
-			}
-
-			$user = JFactory::getUser();
+			return false;
+		}
 
-			if (!empty($record->catid))
-			{
-				return $user->authorise('core.delete', 'com_banners.category.' . (int) $record->catid);
-			}
+		$user = JFactory::getUser();
 
-			return $user->authorise('core.delete', 'com_banners');
+		if (!empty($record->catid))
+		{
+			return $user->authorise('core.delete', 'com_banners.category.' . (int) $record->catid);
 		}
+
+		return parent::canDelete($record);
 	}
 
 	/**

diff --git a/administrator/components/com_contact/models/contact.php b/administrator/components/com_contact/models/contact.php
@@ -207,15 +207,12 @@ protected function batchUser($value, $pks, $contexts)
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->published != -2)
 		{
-			if ($record->published != -2)
-			{
-				return false;
-			}
-
-			return JFactory::getUser()->authorise('core.delete', 'com_contact.category.' . (int) $record->catid);
+			return false;
 		}
+
+		return JFactory::getUser()->authorise('core.delete', 'com_contact.category.' . (int) $record->catid);
 	}
 
 	/**

diff --git a/administrator/components/com_content/models/article.php b/administrator/components/com_content/models/article.php
@@ -169,17 +169,12 @@ protected function batchCopy($value, $pks, $contexts)
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->state != -2)
 		{
-			if ($record->state != -2)
-			{
-				return false;
-			}
-
-			return JFactory::getUser()->authorise('core.delete', 'com_content.article.' . (int) $record->id);
+			return false;
 		}
 
-		return false;
+		return JFactory::getUser()->authorise('core.delete', 'com_content.article.' . (int) $record->id);
 	}
 
 	/**
@@ -208,7 +203,7 @@ protected function canEditState($record)
 		}
 
 		// Default to component settings if neither article nor category known.
-		return parent::canEditState();
+		return parent::canEditState($record);
 	}
 
 	/**

diff --git a/administrator/components/com_contenthistory/models/history.php b/administrator/components/com_contenthistory/models/history.php
@@ -98,7 +98,7 @@ protected function canEdit($record)
 	 */
 	protected function canDelete($record)
 	{
-		return canEdit($record);
+		return $this->canEdit($record);
 	}
 
 	/**

diff --git a/administrator/components/com_fields/models/field.php b/administrator/components/com_fields/models/field.php
@@ -773,19 +773,14 @@ public function cleanupValues($context, $itemId)
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->state != -2)
 		{
-			if ($record->state != -2)
-			{
-				return false;
-			}
-
-			$parts = FieldsHelper::extract($record->context);
-
-			return JFactory::getUser()->authorise('core.delete', $parts[0] . '.field.' . (int) $record->id);
+			return false;
 		}
 
-		return false;
+		$parts = FieldsHelper::extract($record->context);
+
+		return JFactory::getUser()->authorise('core.delete', $parts[0] . '.field.' . (int) $record->id);
 	}
 
 	/**

diff --git a/administrator/components/com_menus/models/item.php b/administrator/components/com_menus/models/item.php
@@ -94,25 +94,19 @@ protected function canDelete($record)
 	{
 		$user = JFactory::getUser();
 
-		if (!empty($record->id))
+		if (empty($record->id) || $record->published != -2)
 		{
-			// Only delete trashed items
-			if ($record->published != -2)
-			{
-				return false;
-			}
-
-			$menuTypeId = 0;
+			return false;
+		}
 
-			if (!empty($record->menutype))
-			{
-				$menuTypeId = $this->getMenuTypeId($record->menutype);
-			}
+		$menuTypeId = 0;
 
-			return $user->authorise('core.delete', 'com_menus.menu.' . (int) $menuTypeId);
+		if (!empty($record->menutype))
+		{
+			$menuTypeId = $this->getMenuTypeId($record->menutype);
 		}
 
-		return false;
+		return $user->authorise('core.delete', 'com_menus.menu.' . (int) $menuTypeId);
 	}
 
 	/**

diff --git a/administrator/components/com_menus/models/menu.php b/administrator/components/com_menus/models/menu.php
@@ -45,9 +45,7 @@ class MenusModelMenu extends JModelForm
 	 */
 	protected function canDelete($record)
 	{
-		$user = JFactory::getUser();
-
-		return $user->authorise('core.delete', 'com_menus.menu.' . (int) $record->id);
+		return JFactory::getUser()->authorise('core.delete', 'com_menus.menu.' . (int) $record->id);
 	}
 
 	/**

diff --git a/administrator/components/com_modules/models/module.php b/administrator/components/com_modules/models/module.php
@@ -295,11 +295,9 @@ protected function canEditState($record)
 		{
 			return $user->authorise('core.edit.state', 'com_modules.module.' . (int) $record->id);
 		}
+
 		// Default to component settings if module not known.
-		else
-		{
-			return parent::canEditState('com_modules');
-		}
+		return parent::canEditState($record);
 	}
 
 	/**

diff --git a/administrator/components/com_newsfeeds/models/newsfeed.php b/administrator/components/com_newsfeeds/models/newsfeed.php
@@ -148,26 +148,17 @@ protected function batchCopy($value, $pks, $contexts)
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->published != -2)
 		{
-			if ($record->published != -2)
-			{
-				return false;
-			}
-
-			$user = JFactory::getUser();
+			return false;
+		}
 
-			if (!empty($record->catid))
-			{
-				return $user->authorise('core.delete', 'com_newsfeed.category.' . (int) $record->catid);
-			}
-			else
-			{
-				return parent::canDelete($record);
-			}
+		if (!empty($record->catid))
+		{
+			return JFactory::getUser()->authorise('core.delete', 'com_newsfeed.category.' . (int) $record->catid);
 		}
 
-		return false;
+		return parent::canDelete($record);
 	}
 
 	/**
@@ -187,10 +178,8 @@ protected function canEditState($record)
 		{
 			return $user->authorise('core.edit.state', 'com_newsfeeds.category.' . (int) $record->catid);
 		}
-		else
-		{
-			return parent::canEditState($record);
-		}
+
+		return parent::canEditState($record);
 	}
 
 	/**

diff --git a/administrator/components/com_redirect/models/link.php b/administrator/components/com_redirect/models/link.php
@@ -40,26 +40,7 @@ protected function canDelete($record)
 			return false;
 		}
 
-		$user = JFactory::getUser();
-
-		return $user->authorise('core.delete', 'com_redirect');
-	}
-
-	/**
-	 * Method to test whether a record can have its state edited.
-	 *
-	 * @param   object  $record  A record object.
-	 *
-	 * @return  boolean  True if allowed to change the state of the record. Defaults to the permission set in the component.
-	 *
-	 * @since   1.6
-	 */
-	protected function canEditState($record)
-	{
-		$user = JFactory::getUser();
-
-		// Check the component since there are no categories or other assets.
-		return $user->authorise('core.edit.state', 'com_redirect');
+		return parent::canDelete($record);
 	}
 
 	/**

diff --git a/administrator/components/com_tags/models/tag.php b/administrator/components/com_tags/models/tag.php
@@ -53,29 +53,12 @@ class TagsModelTag extends JModelAdmin
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->published != -2)
 		{
-			if ($record->published != -2)
-			{
-				return false;
-			}
-
-			return parent::canDelete($record);
+			return false;
 		}
-	}
 
-	/**
-	 * Method to test whether a record can have its state changed.
-	 *
-	 * @param   object  $record  A record object.
-	 *
-	 * @return  boolean  True if allowed to change the state of the record. Defaults to the permission set in the component.
-	 *
-	 * @since   3.1
-	 */
-	protected function canEditState($record)
-	{
-		return parent::canEditState($record);
+		return parent::canDelete($record);
 	}
 
 	/**

diff --git a/components/com_config/model/cms.php b/components/com_config/model/cms.php
@@ -256,17 +256,12 @@ protected function populateState()
 	 */
 	protected function canDelete($record)
 	{
-		if (!empty($record->id))
+		if (empty($record->id) || $record->published != -2)
 		{
-			if ($record->published != -2)
-			{
-				return false;
-			}
-
-			$user = JFactory::getUser();
-
-			return $user->authorise('core.delete', $this->option);
+			return false;
 		}
+
+		return JFactory::getUser()->authorise('core.delete', $this->option);
 	}
 
 	/**
@@ -280,8 +275,6 @@ protected function canDelete($record)
 	 */
 	protected function canEditState($record)
 	{
-		$user = JFactory::getUser();
-
-		return $user->authorise('core.edit.state', $this->option);
+		return JFactory::getUser()->authorise('core.edit.state', $this->option);
 	}
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -98,7 +98,7 @@ protected function canEdit($record) @@
     	 */
     	protected function canDelete($record)
     	{
-    		return canEdit($record);
+    		return $this->canEdit($record);
     	}
     	/**
@@ Expand Down @@