aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
authorben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-07 16:16:46 +0000
committerben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-07 16:16:46 +0000
commit5ca5347e6cc1d2a71412495b2bc2898fd12292e7 (patch)
tree9615e411e0c17aeb8a72952d8acca576d811c7c1 /engine/lib
parentd7fcdaab5474b8232bca1cf4d49d887a658bc1fe (diff)
downloadelgg-5ca5347e6cc1d2a71412495b2bc2898fd12292e7.tar.gz
elgg-5ca5347e6cc1d2a71412495b2bc2898fd12292e7.tar.bz2
Fixed access permissions wrt groups
git-svn-id: https://code.elgg.org/elgg/trunk@1765 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/access.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php
index d9f48e6e2..b290700eb 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -278,7 +278,11 @@
$user_guid = (int) $user_guid;
$collections = get_write_access_array();
- if (array_key_exists($collection_id, $collections) && $user = get_user($user_guid)) {
+ if (!($collection = get_access_collection($collection_id)))
+ return false;
+
+ if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0)
+ && $user = get_user($user_guid)) {
global $CONFIG;
insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$user_guid}");
@@ -303,7 +307,10 @@
$user_guid = (int) $user_guid;
$collections = get_write_access_array();
- if (array_key_exists($collection_id, $collections) && $user = get_user($user_guid)) {
+ if (!($collection = get_access_collection($collection_id)))
+ return false;
+
+ if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && $user = get_user($user_guid)) {
global $CONFIG;
delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id} and user_guid = {$user_guid}");
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 02:33:11 +0000