aboutsummaryrefslogtreecommitdiff
path: root/services/bookmarkservice.php
diff options
context:
space:
mode:
Diffstat (limited to 'services/bookmarkservice.php')
-rw-r--r--services/bookmarkservice.php44
1 files changed, 30 insertions, 14 deletions
diff --git a/services/bookmarkservice.php b/services/bookmarkservice.php
index 6a50df5..f119593 100644
--- a/services/bookmarkservice.php
+++ b/services/bookmarkservice.php
@@ -97,22 +97,38 @@ class BookmarkService {
return $this->db->sql_fetchfield(0, 0);
}
- function editAllowed($bookmark) {
- if (!is_numeric($bookmark) && (!is_array($bookmark) || !is_numeric($bookmark['bId'])))
- return false;
+ /**
+ * Check if a bookmark may be edited by the current user
+ *
+ * @param integer|array $bookmark Bookmark uId or bookmark array
+ *
+ * @return boolean True if allowed
+ */
+ function editAllowed($bookmark)
+ {
+ if (!is_numeric($bookmark) && (!is_array($bookmark)
+ || !is_numeric($bookmark['bId']))
+ ) {
+ return false;
+ }
- if (!is_array($bookmark))
- if (!($bookmark = $this->getBookmark($bookmark)))
- return false;
+ if (!is_array($bookmark)
+ && !($bookmark = $this->getBookmark($bookmark))
+ ) {
+ return false;
+ }
- $userservice = & ServiceFactory :: getServiceInstance('UserService');
- $userid = $userservice->getCurrentUserId();
- if(!is_numeric($userid))
- return false; // useful for few servers configuration (see brunaud bugs)
- if ($GLOBALS['adminsCanModifyBookmarksFromOtherUsers'] && $userservice->isAdmin($userid) && !$userservice->isAdmin($bookmark['uId']))
- return true;
- else
- return ($bookmark['uId'] == $userid);
+ $userservice = & ServiceFactory::getServiceInstance('UserService');
+ $user = $userservice->getCurrentUser();
+
+ //user has to be either admin, or owner
+ if ($GLOBALS['adminsCanModifyBookmarksFromOtherUsers']
+ && $userservice->isAdmin($user)
+ ) {
+ return true;
+ } else {
+ return ($bookmark['uId'] == $user['uId']);
+ }
}
function bookmarkExists($address = false, $uid = NULL) {