summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTekimaki <tekimaki_admin@users.sourceforge.net>2009-02-06 20:04:40 +0000
committerTekimaki <tekimaki_admin@users.sourceforge.net>2009-02-06 20:04:40 +0000
commit0ac664ffc421345c65ba077e1181b96fbcbc0abb (patch)
treee144cd5a65b523fbead7ca1bee24cb42df76eb6a
parent4221d79e066b7abb48770b7f9167a03fa20e660f (diff)
downloadliberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.tar.gz
liberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.tar.bz2
liberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.zip
when checking for a general user perm you call hasPermission on gBitUser, not hasUserPermission -- hasUserPermission runs the perm on the content object - in which case its the gBitUser itself - which will thus always return true since the user is the owner of themselves
-rw-r--r--LibertyComment.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/LibertyComment.php b/LibertyComment.php
index de0dbb2..1188c35 100644
--- a/LibertyComment.php
+++ b/LibertyComment.php
@@ -3,7 +3,7 @@
* Management of Liberty Content
*
* @package liberty
- * @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyComment.php,v 1.75 2009/02/04 19:14:43 tekimaki_admin Exp $
+ * @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyComment.php,v 1.76 2009/02/06 20:04:40 tekimaki_admin Exp $
* @author spider <spider@steelsun.com>
*/
@@ -261,7 +261,7 @@ class LibertyComment extends LibertyContent {
$checkPerms = $this->getUserPermissions();
$ret = ( !empty( $checkPerms['p_liberty_edit_comments'] ) ||
!empty( $checkPerms['p_liberty_admin_comments'] ) ||
- $gBitUser->hasUserPermission( 'p_liberty_admin_comments' ) ||
+ $gBitUser->hasPermission( 'p_liberty_admin_comments' ) ||
( $gBitUser->mUserId == $this->mInfo['user_id'] && $withinEditTime )
);
} elseif( $this->mInfo['user_id'] == ANONYMOUS_USER_ID ) {