added check for 'view/edit my contact'

author systopia <endres@systopia.de>

Tue, 11 Oct 2016 23:53:17 +0000 (00:53 +0100)

committer eileenmcnaugton <eileen@fuzion.co.nz>

Mon, 24 Oct 2016 02:13:22 +0000 (15:13 +1300)
author systopia <endres@systopia.de>
Tue, 11 Oct 2016 23:53:17 +0000 (00:53 +0100)
committer eileenmcnaugton <eileen@fuzion.co.nz>
Mon, 24 Oct 2016 02:13:22 +0000 (15:13 +1300)
diff --git a/CRM/Contact/BAO/Contact/Permission.php b/CRM/Contact/BAO/Contact/Permission.php

index dc2f1fcb632559f48e96377d610975427d54ecb7..a165a77048d17b8f5cccbef93214442d72ebab7a 100644 (file)
--- a/CRM/Contact/BAO/Contact/Permission.php
+++ b/CRM/Contact/BAO/Contact/Permission.php
@@ -121,6 +121,12 @@ WHERE contact_id IN ({$contact_id_list})
    public static function allow($id, $type = CRM_Core_Permission::VIEW) {
      $tables = array();
      $whereTables = array();
+    // first: check if contact is trying to view own contact
+    if (   $type == CRM_Core_Permission::VIEW && CRM_Core_Permission::check('view my contact')
+        || $type == CRM_Core_Permission::EDIT && CRM_Core_Permission::check('edit my contact')
+      ) {
+      return TRUE;
+    }
  
      # FIXME: push this somewhere below, to not give this permission so many rights
      $isDeleted = (bool) CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $id, 'is_deleted');
author	systopia <endres@systopia.de>
	Tue, 11 Oct 2016 23:53:17 +0000 (00:53 +0100)
committer	eileenmcnaugton <eileen@fuzion.co.nz>
	Mon, 24 Oct 2016 02:13:22 +0000 (15:13 +1300)