From 4a3c49240140449ef4c91c4b999a91b11380db3c Mon Sep 17 00:00:00 2001
From: Steve Clay <steve@mrclay.org>
Date: Sun, 24 Jun 2012 00:09:17 -0400
Subject: Fixes #4138: Admin can edit any users' notifications

---
 mod/notifications/index.php | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

(limited to 'mod/notifications/index.php')

diff --git a/mod/notifications/index.php b/mod/notifications/index.php
index 882389fde..f4143f57b 100644
--- a/mod/notifications/index.php
+++ b/mod/notifications/index.php
@@ -3,16 +3,16 @@
  * Elgg notifications plugin index
  *
  * @package ElggNotifications
+ *
+ * @uses $user ElggUser
  */
 
-// Load Elgg framework
-require_once(dirname(dirname(dirname(__FILE__))) . '/engine/start.php');
-
-// Ensure only logged-in users can see this page
-gatekeeper();
+if (!isset($user) || !($user instanceof ElggUser)) {
+	$url = 'notifications/personal/' . elgg_get_logged_in_user_entity()->username;
+	forward($url);
+}
 
-elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
-$user = elgg_get_page_owner_entity();
+elgg_set_page_owner_guid($user);
 
 // Set the context to settings
 elgg_set_context('settings');
@@ -26,7 +26,7 @@ elgg_push_breadcrumb($title);
 $people = array();
 if ($people_ents = elgg_get_entities_from_relationship(array(
 		'relationship' => 'notify',
-		'relationship_guid' => elgg_get_logged_in_user_guid(),
+		'relationship_guid' => $user->guid,
 		'types' => 'user',
 		'limit' => 99999,
 	))) {
@@ -36,7 +36,10 @@ if ($people_ents = elgg_get_entities_from_relationship(array(
 	}
 }
 
-$body = elgg_view('notifications/subscriptions/form', array('people' => $people));
+$body = elgg_view('notifications/subscriptions/form', array(
+	'people' => $people,
+	'user' => $user,
+));
 
 $params = array(
 	'content' => $body,
-- 
cgit v1.2.3