diff options
Diffstat (limited to 'core/controllers/albums.php')
| -rw-r--r-- | core/controllers/albums.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/core/controllers/albums.php b/core/controllers/albums.php index e684fa6b..bba7fd6e 100644 --- a/core/controllers/albums.php +++ b/core/controllers/albums.php @@ -23,6 +23,10 @@ class Albums_Controller extends Items_Controller { * @see Rest_Controller::_show($resource) */ public function _show($item) { + if (!access::can("view", $item->id)) { + return Kohana::show_404(); + } + // @todo: these need to be pulled from the database $theme_name = "default"; $page_size = 9; |