From bfb040a46394e1a91318f39926923e027167362f Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Wed, 31 Dec 2008 00:47:15 +0000
Subject: Fix a bug where we were accidentally allowing view permissions when
 allowing or resetting permission further down in the tree.  This bug was
 introduced when I refactored the view permission cache into the items table. 
 Updated test to catch it.

---
 core/helpers/access.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'core/helpers')

diff --git a/core/helpers/access.php b/core/helpers/access.php
index 9154fa75..c2f7a76e 100644
--- a/core/helpers/access.php
+++ b/core/helpers/access.php
@@ -400,7 +400,8 @@ class access_Core {
       $tmp_item = ORM::factory("item")
         ->where("left <", $item->left)
         ->where("right >", $item->right)
-        ->where($field, self::DENY)
+        ->join("access_intents", "access_intents.item_id", "items.id")
+        ->where("access_intents.$field", self::DENY)
         ->orderby("left", "DESC")
         ->limit(1)
         ->find();
-- 
cgit v1.2.3