aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/extender.php
diff options
context:
space:
mode:
authorben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-04-15 15:00:18 +0000
committerben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-04-15 15:00:18 +0000
commit4486fb03c1bf589083d2a57671a30849befcd976 (patch)
treed8932ba5bbc676e4f1106ae918042d5a7ec5cb6f /engine/lib/extender.php
parent030c68e934e467ec8b3ae35f099af26d0e561c07 (diff)
downloadelgg-4486fb03c1bf589083d2a57671a30849befcd976.tar.gz
elgg-4486fb03c1bf589083d2a57671a30849befcd976.tar.bz2
Improvement to canEdit() for extenders, which takes into account the canEdit() status of entities the extender is attached to
git-svn-id: https://code.elgg.org/elgg/trunk@459 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/extender.php')
-rw-r--r--engine/lib/extender.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/engine/lib/extender.php b/engine/lib/extender.php
index 05a86a62e..abf4f087d 100644
--- a/engine/lib/extender.php
+++ b/engine/lib/extender.php
@@ -186,8 +186,13 @@
$extender = $functionname($extender_id);
} else return false;
+ // If the owner is the specified user, great! They can edit.
if ($extender->getOwner() == $user->getGUID()) return true;
+ // If the user can edit the entity this is attached to, great! They can edit.
+ if (can_edit_entity($extender->entity_guid,$user->getGUID())) return true;
+
+ // Trigger plugin hooks
return trigger_plugin_hook('permissions_check',$type,array('entity' => $entity, 'user' => $user),false);
}