Merge branch 'master' of git@github.com:gallery/gallery3

author: Chad Kieffer <ckieffer@gmail.com> 2009-07-26 10:54:44 -0600
committer: Chad Kieffer <ckieffer@gmail.com> 2009-07-26 10:54:44 -0600
commit: ab02c2a40b0359dce959b2734dc50cbee276d591 (patch)
tree: b39d5cd487712119c3ac854799e6c76d06d1b748 /modules/gallery/helpers
parent: 26117accb62a58728da5e3c9b9166980a955ab44 (diff)
parent: 0d76d6fd77f53e9e92a9a013cd112c69217f3ceb (diff)
1 files changed, 11 insertions, 3 deletions
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php
index 2faa922b..abb48fc3 100644
--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -95,12 +95,20 @@ class access_Core {
       return false;
     }
 
-    if ($user->admin && $item->owner_id == $user->id) {
+    if ($user->admin) {
       return true;
     }
 
-    $resource = $perm_name == "view" ?
-      $item : model_cache::get("access_cache", $item->id, "item_id");
+    if ($item->owner_id == $user->id  &&
+        in_array($perm_name, array("view_full", "edit", "add"))) {
+      return true;
+    }
+
+    if ($perm_name == "view") {
+      $resource = $item->owner_id == $user->id ? $item->parent() : $item;
+    } else {
+      $resource = model_cache::get("access_cache", $item->id, "item_id");
+    }
     foreach ($user->groups as $group) {
       if ($resource->__get("{$perm_name}_{$group->id}") === self::ALLOW) {
         return true;
author	Chad Kieffer <ckieffer@gmail.com>	2009-07-26 10:54:44 -0600
committer	Chad Kieffer <ckieffer@gmail.com>	2009-07-26 10:54:44 -0600
commit	ab02c2a40b0359dce959b2734dc50cbee276d591 (patch)
tree	b39d5cd487712119c3ac854799e6c76d06d1b748 /modules/gallery/helpers
parent	26117accb62a58728da5e3c9b9166980a955ab44 (diff)
parent	0d76d6fd77f53e9e92a9a013cd112c69217f3ceb (diff)