Why are drafts publicly accessible, and how to mitigate?

This is what I have come up with so far:

if (ctx.query._publicationState === "preview" && ctx.req.user?.confirmed) {
  ctx.query._published_at_null = true;
} else if (ctx.query._publicationState === "preview") {
  ctx.query._published_at_null = false;
}
1 Like