From fc3fd3321df5e116975bc6c447768f7d8180b87e Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Sat, 13 Dec 2008 07:49:27 +0000
Subject: Add a permissions check to determine if the active user has edit
 permission on the item in order to display the tag add form

---
 modules/tag/helpers/tag.php       | 2 +-
 modules/tag/helpers/tag_block.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/tag/helpers')

diff --git a/modules/tag/helpers/tag.php b/modules/tag/helpers/tag.php
index 595f4b08..104d4a30 100644
--- a/modules/tag/helpers/tag.php
+++ b/modules/tag/helpers/tag.php
@@ -81,7 +81,7 @@ class tag_Core {
 
   public static function get_add_form($item_id) {
     $form = new Forge(url::site("tags"), "", "post", array("id" => "gAddTagForm"));
-    $group = $form->group(_("Add Tag"));
+    $group = $form->group("add_tag")->label(_("Add Tag"));
     $group->input("tag_name");
     $group->hidden("item_id")->value($item_id);
     $group->submit(_("Add"));
diff --git a/modules/tag/helpers/tag_block.php b/modules/tag/helpers/tag_block.php
index 686f7876..37f7f21e 100644
--- a/modules/tag/helpers/tag_block.php
+++ b/modules/tag/helpers/tag_block.php
@@ -30,7 +30,7 @@ class tag_block_Core {
     $block->content = new View("tag_block.html");
     $block->content->cloud = tag::cloud(30);
 
-    if ($theme->page_type() != "tag") {
+    if ($theme->page_type() != "tag" && access::can("edit", $theme->item())) {
       $controller = new Tags_Controller();
       $block->content->form = tag::get_add_form($theme->item());
     } else {
-- 
cgit v1.2.3