X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FProfile%2FPage%2FDynamic.php;h=d73239db28498c3e52c002a896b44c9d4135179c;hb=b44e3f8468ceba3e1b321d31dd2e35a1aa1a5d9a;hp=44b28ecce7d9504e41bb8b441f52e27dc045777a;hpb=cda772aae0c600de9033d3360dfde772a2a78f64;p=civicrm-core.git

diff --git a/CRM/Profile/Page/Dynamic.php b/CRM/Profile/Page/Dynamic.php
index 44b28ecce7..d73239db28 100644
--- a/CRM/Profile/Page/Dynamic.php
+++ b/CRM/Profile/Page/Dynamic.php
@@ -3,7 +3,7 @@
  +--------------------------------------------------------------------+
  | CiviCRM version 4.6                                                |
  +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2014                                |
+ | Copyright CiviCRM LLC (c) 2004-2015                                |
  +--------------------------------------------------------------------+
  | This file is a part of CiviCRM.                                    |
  |                                                                    |
@@ -28,7 +28,7 @@
 /**
  *
  * @package CRM
- * @copyright CiviCRM LLC (c) 2004-2014
+ * @copyright CiviCRM LLC (c) 2004-2015
  * $Id$
  *
  */
@@ -203,12 +203,18 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
       $session = CRM_Core_Session::singleton();
       $userID = $session->get('userID');
 
-      $this->_isPermissionedChecksum = FALSE;
+      $this->_isPermissionedChecksum = $allowPermission = FALSE;
       $permissionType = CRM_Core_Permission::VIEW;
+      if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
+        $allowPermission =  TRUE;
+      }
       if ($this->_id != $userID) {
         // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
         if ($config->userFrameworkFrontend) {
           $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
+          if (!$this->_isPermissionedChecksum) {
+            $this->_isPermissionedChecksum = $allowPermission;
+          }
         }
         else {
           $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
@@ -226,12 +232,7 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
 
       // make sure we dont expose all fields based on permission
       $admin = FALSE;
-      if ((!$config->userFrameworkFrontend &&
-          (CRM_Core_Permission::check('administer users') ||
-            CRM_Core_Permission::check('view all contacts') ||
-            CRM_Contact_BAO_Contact_Permission::allow($this->_id)
-          )
-        ) ||
+      if ((!$config->userFrameworkFrontend && $allowPermission) ||
         $this->_id == $userID ||
         $this->_isPermissionedChecksum
       ) {