diff options
| author | Tekimaki <tekimaki_admin@users.sourceforge.net> | 2009-02-06 20:04:40 +0000 |
|---|---|---|
| committer | Tekimaki <tekimaki_admin@users.sourceforge.net> | 2009-02-06 20:04:40 +0000 |
| commit | 0ac664ffc421345c65ba077e1181b96fbcbc0abb (patch) | |
| tree | e144cd5a65b523fbead7ca1bee24cb42df76eb6a | |
| parent | 4221d79e066b7abb48770b7f9167a03fa20e660f (diff) | |
| download | liberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.tar.gz liberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.tar.bz2 liberty-0ac664ffc421345c65ba077e1181b96fbcbc0abb.zip | |
when checking for a general user perm you call hasPermission on gBitUser, not hasUserPermission -- hasUserPermission runs the perm on the content object - in which case its the gBitUser itself - which will thus always return true since the user is the owner of themselves
| -rw-r--r-- | LibertyComment.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/LibertyComment.php b/LibertyComment.php index de0dbb2..1188c35 100644 --- a/LibertyComment.php +++ b/LibertyComment.php @@ -3,7 +3,7 @@ * Management of Liberty Content * * @package liberty - * @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyComment.php,v 1.75 2009/02/04 19:14:43 tekimaki_admin Exp $ + * @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyComment.php,v 1.76 2009/02/06 20:04:40 tekimaki_admin Exp $ * @author spider <spider@steelsun.com> */ @@ -261,7 +261,7 @@ class LibertyComment extends LibertyContent { $checkPerms = $this->getUserPermissions(); $ret = ( !empty( $checkPerms['p_liberty_edit_comments'] ) || !empty( $checkPerms['p_liberty_admin_comments'] ) || - $gBitUser->hasUserPermission( 'p_liberty_admin_comments' ) || + $gBitUser->hasPermission( 'p_liberty_admin_comments' ) || ( $gBitUser->mUserId == $this->mInfo['user_id'] && $withinEditTime ) ); } elseif( $this->mInfo['user_id'] == ANONYMOUS_USER_ID ) { |
