From 9f6f717585a863280c8e06790c27c5c371596db4 Mon Sep 17 00:00:00 2001
From: Jannat Patel <pateljannat2308@gmail.com>
Date: Mon, 16 Feb 2026 12:18:41 +0530
Subject: [PATCH] fix: discussions reply endpoint permission check

---
 lms/lms/utils.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lms/lms/utils.py b/lms/lms/utils.py
index 56739992..6862abf6 100644
--- a/lms/lms/utils.py
+++ b/lms/lms/utils.py
@@ -1669,8 +1669,10 @@ def create_discussion_topic(doctype: str, docname: str) -> str:
 
 @frappe.whitelist()
 def get_discussion_replies(topic: str):
-	doctype = frappe.db.get_value("Discussion Topic", topic, "reference_doctype")
-	if not can_access_topic(doctype, topic):
+	topic_details = frappe.db.get_value(
+		"Discussion Topic", topic, ["reference_doctype", "reference_docname"], as_dict=1
+	)
+	if not can_access_topic(topic_details.reference_doctype, topic_details.reference_docname):
 		frappe.throw(_("You are not authorized to view the discussion replies for this topic."))
 
 	replies = frappe.get_all(