projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'upstream/4.6' into 4.6-master-2015-08-31-12-20-39
[civicrm-core.git] / CRM / ACL / API.php
diff --git a/CRM/ACL/API.php b/CRM/ACL/API.php
index 3674629ec4132275a2f98a411593bf7006a943be..569f9db53547823bf13a89485cf430e284192d6e 100644 (file)
--- a/CRM/ACL/API.php
+++ b/CRM/ACL/API.php
@@ -118,21 +118,12 @@ class CRM_ACL_API {
       return $deleteClause;
     }
 
-    $user = CRM_Core_Session::getLoggedInContactID();
-    if ($contactID == NULL) {
-      $contactID = $user ? $user : 0;
-    }
-
-    // Check if contact has permissions on self
-    if ($user && $contactID == $user) {
-      if (CRM_Core_Permission::check('edit my contact') ||
-        ($type == self::VIEW && CRM_Core_Permission::check('view my contact'))
-      ) {
-        return ' ( 1 ) ';
-      }
+    if (!$contactID) {
+      $contactID = CRM_Core_Session::getLoggedInContactID();
     }
+    $contactID = (int) $contactID;
 
-    return implode(' AND ',
+    $where = implode(' AND ',
       array(
         CRM_ACL_BAO_ACL::whereClause($type,
           $tables,
@@ -142,6 +133,14 @@ class CRM_ACL_API {
         $deleteClause,
       )
     );
+
+    // Add permission on self
+    if ($contactID && (CRM_Core_Permission::check('edit my contact') ||
+      $type == self::VIEW && CRM_Core_Permission::check('view my contact'))
+    ) {
+      $where = "contact_a.id = $contactID OR ($where)";
+    }
+    return $where;
   }
 
   /**