oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed a bug where userId was not checked unless explicitly passed into canView

Browse source
This commit is contained in:
Colin Kuskie 2006-06-29 04:40:33 +00:00
parent 4cb7c98a16
commit 22c2102e5a
1 changed files with 9 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lib/WebGUI/Asset.pm
View file

@ -152,10 +152,16 @@ Unique hash identifier for a user. If not specified, uses current userId.
sub canView {
my $self = shift;
my $userId = shift;
my $user = $self->session->user;
$user = WebGUI::User->new($self->session, $userId) if (defined $userId);
my $eh = $self->session->errorHandler;
my $userId = shift;
my $user;
if (defined $userId) {
$user = WebGUI::User->new($self->session, $userId);
}
else {
$user = $self->session->user;
$userId = $user->userId();
}
if ($userId eq $self->get("ownerUserId")) {
return 1;
} elsif ($user->isInGroup($self->get("groupIdView"))) {