From: niekt0 <niekt0@kyberia.cz>
Date: Sun, 15 Jan 2012 00:52:55 +0000 (+0100)
Subject: fixed bug in permissions (node was displayed even with external_access=no)
X-Git-Url: https://git.harvie.cz/?p=mirrors%2FKyberia-bloodline.git;a=commitdiff_plain;h=3c094f62a071292bcedd274d8ca9a402c68da814

fixed bug in permissions (node was displayed even with external_access=no)
---

diff --git a/wwwroot/backend/mysql/permissions.inc b/wwwroot/backend/mysql/permissions.inc
index 14bc7d4..6ef9596 100644
--- a/wwwroot/backend/mysql/permissions.inc
+++ b/wwwroot/backend/mysql/permissions.inc
@@ -58,6 +58,20 @@ public static function checkPerms($node) {
             $perms['node_system_access']   = $qr_np->getString('node_system_access');
             $perms['node_external_access'] = $qr_np->getString('node_external_access');
 
+        // external access must go first
+            if ($user_id == "") {
+                if ($perms['node_system_access'] != 'private'
+                && $perms['node_external_access'] == 'yes') {
+                        $perms['r'] = 1;
+                        $perms['w'] = 0;
+                    break;
+                } else {
+                        $perms['r'] = 0;
+                        $perms['w'] = 0;
+                    break;
+                }
+            }
+
             // r/w prava podla system accessu
             if ($perms['node_system_access'] == 'public') {
                 $perms['r'] = 1;
@@ -79,14 +93,6 @@ public static function checkPerms($node) {
                 break;
             }
 
-            if ($perms['node_system_access'] != 'private'
-                && (empty($_SESSION['user_id']))
-                && $perms['node_external_access'] == 'yes') {
-                    $perms['r'] = 1;
-                    $perms['w'] = 0;
-                    break;
-            }
-
         } // if ($perms['node_permission'] == '' && $perms['node_system_access'] == '')
         else {
             // ked som v public alebo moderated fore a dalsie nadradene su uz privatne