aboutsummaryrefslogtreecommitdiff
path: root/mod/pages/views/default/forms
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2012-05-01 18:24:13 -0700
committerBrett Profitt <brett.profitt@gmail.com>2012-05-01 18:24:13 -0700
commit7303e0b19adae0a3fa5db139e3fafb310dd43485 (patch)
tree8923bfae644c54a5c93a7df8114b27dc035d8e72 /mod/pages/views/default/forms
parentc0c5c0f81f40b5d72048e74842a650f974cefcd7 (diff)
downloadelgg-7303e0b19adae0a3fa5db139e3fafb310dd43485.tar.gz
elgg-7303e0b19adae0a3fa5db139e3fafb310dd43485.tar.bz2
Fixes #1830. Removed access and write access inputs for non-owners and non-admins.
Diffstat (limited to 'mod/pages/views/default/forms')
-rw-r--r--mod/pages/views/default/forms/pages/edit.php15
1 files changed, 13 insertions, 2 deletions
diff --git a/mod/pages/views/default/forms/pages/edit.php b/mod/pages/views/default/forms/pages/edit.php
index 20737a121..9469f5eb9 100644
--- a/mod/pages/views/default/forms/pages/edit.php
+++ b/mod/pages/views/default/forms/pages/edit.php
@@ -6,7 +6,18 @@
*/
$variables = elgg_get_config('pages');
+$user = elgg_get_logged_in_user_entity();
+$entity = elgg_extract('entity', $vars);
+$can_change_access = true;
+if ($user && $entity) {
+ $can_change_access = ($user->isAdmin() || $user->getGUID() == $entity->owner_guid);
+}
+
foreach ($variables as $name => $type) {
+ // don't show read / write access inputs for non-owners or admin when editing
+ if (($type == 'access' || $type == 'write_access') && !$can_change_access) {
+ continue;
+ }
?>
<div>
<label><?php echo elgg_echo("pages:$name") ?></label>
@@ -14,8 +25,8 @@ foreach ($variables as $name => $type) {
if ($type != 'longtext') {
echo '<br />';
}
- ?>
- <?php echo elgg_view("input/$type", array(
+
+ echo elgg_view("input/$type", array(
'name' => $name,
'value' => $vars[$name],
));