Check view permissions before allowing view access to albums/photos.

author: Bharat Mediratta <bharat@menalto.com> 2008-12-09 10:14:09 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-09 10:14:09 +0000
commit: 4a0e4b798e6ea3341b1bbc902b9e1e5f2c96692d (patch)
tree: cb4c1ea6834c455ce87d345ad5085504b78d5d88 /core/helpers/access.php
parent: e62103b8d9463bf409881d17a4bda93f3ca3208d (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/core/helpers/access.php b/core/helpers/access.php
index f4e98082..c21583a8 100644
--- a/core/helpers/access.php
+++ b/core/helpers/access.php
@@ -102,12 +102,15 @@ class access_Core {
         throw new Exception("@todo MISSING_ACCESS for $item_id");
       }
 
+      if ($access->view_0 == self::ALLOW) {
+        return true;
+      }
       foreach ($user->groups as $group) {
         if ($access->__get("{$perm_name}_{$group->id}") === self::ALLOW) {
-          return self::ALLOW;
+          return true;
         }
       }
-      return self::DENY;
+      return false;
     } else {
       return self::group_can(group::EVERYBODY, $perm_name, $item_id);
     }
author	Bharat Mediratta <bharat@menalto.com>	2008-12-09 10:14:09 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-09 10:14:09 +0000
commit	4a0e4b798e6ea3341b1bbc902b9e1e5f2c96692d (patch)
tree	cb4c1ea6834c455ce87d345ad5085504b78d5d88 /core/helpers/access.php
parent	e62103b8d9463bf409881d17a4bda93f3ca3208d (diff)