CRM-12645 fix regression in previous refactor

author eileen <emcnaughton@wikimedia.org>

Fri, 14 Oct 2016 14:24:13 +0000 (15:24 +0100)

committer eileenmcnaugton <eileen@fuzion.co.nz>

Mon, 24 Oct 2016 02:17:50 +0000 (15:17 +1300)
author eileen <emcnaughton@wikimedia.org>
Fri, 14 Oct 2016 14:24:13 +0000 (15:24 +0100)
committer eileenmcnaugton <eileen@fuzion.co.nz>
Mon, 24 Oct 2016 02:17:50 +0000 (15:17 +1300)
diff --git a/CRM/Contact/BAO/Contact/Permission.php b/CRM/Contact/BAO/Contact/Permission.php

index bbdc30ea2c6c4107bf63ca8343000cdfa2ee755a..0112b38a06f2f159aa58ab97087e22cb2fe261b0 100644 (file)
--- a/CRM/Contact/BAO/Contact/Permission.php
+++ b/CRM/Contact/BAO/Contact/Permission.php
@@ -140,8 +140,8 @@ WHERE contact_id IN ({$contact_id_list})
      $contactID = CRM_Core_Session::getLoggedInContactID();
  
      // first: check if contact is trying to view own contact
-    if ($type == CRM_Core_Permission::VIEW && CRM_Core_Permission::check('view my contact')
-     || $type == CRM_Core_Permission::EDIT && CRM_Core_Permission::check('edit my contact')
+    if ($contactID == $id && ($type == CRM_Core_Permission::VIEW && CRM_Core_Permission::check('view my contact')
+     || $type == CRM_Core_Permission::EDIT && CRM_Core_Permission::check('edit my contact'))
        ) {
        return TRUE;
      }
author	eileen <emcnaughton@wikimedia.org>
	Fri, 14 Oct 2016 14:24:13 +0000 (15:24 +0100)
committer	eileenmcnaugton <eileen@fuzion.co.nz>
	Mon, 24 Oct 2016 02:17:50 +0000 (15:17 +1300)