diff options
Diffstat (limited to 'core/controllers/photos.php')
| -rw-r--r-- | core/controllers/photos.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/core/controllers/photos.php b/core/controllers/photos.php index 7a599f4b..8b3e81fc 100644 --- a/core/controllers/photos.php +++ b/core/controllers/photos.php @@ -23,6 +23,10 @@ class Photos_Controller extends Items_Controller { * @see Rest_Controller::_show($resource) */ public function _show($item) { + if (!access::can("view", $item->id)) { + return Kohana::show_404(); + } + // @todo: this needs to be data-driven $template = new Theme_View("page.html", "photo", "default"); |