From 071a4d0ecfadb1c0d7b023259c817fecb38aebd1 Mon Sep 17 00:00:00 2001
From: Coleman Watts
Date: Tue, 16 Jun 2015 11:03:16 -0400
Subject: [PATCH] CRM-16512 - Fix permission checks on self
---
 CRM/ACL/API.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/CRM/ACL/API.php b/CRM/ACL/API.php
index f3681b3fa8..56d9b7e0da 100644
--- a/CRM/ACL/API.php
+++ b/CRM/ACL/API.php
@@ -120,15 +120,23 @@ class CRM_ACL_API {
       return $skipDeleteClause ? ' ( 1 ) ' : $deleteClause;
     }
+    $user = CRM_Core_Session::getLoggedInContactID();
     if ($contactID == NULL) {
-      $session = CRM_Core_Session::singleton();
-      $contactID = $session->get('userID');
+      $contactID = $user;
     }
     if (!$contactID) {
       // anonymous user
       $contactID = 0;
     }
+    // Check if contact has permissions on self
+    elseif ($contactID == $user) {
+      if (CRM_Core_Permission::check('edit my contact') ||
+        ($type == self::VIEW && CRM_Core_Permission::check('view my contact'))
+      ) {
+        return ' ( 1 ) ';
+      }
+    }
     return implode(' AND ', array(
-- 
2.25.1
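Review bot: The new `elseif ($contactID == $user)` branch returns `' ( 1 ) '`, an unconditionally true SQL clause, as soon as the acting user holds 'edit my contact' (or 'view my contact' for VIEW); since `$contactID` is defaulted to `$user` a few lines above, this branch is the ordinary case, so a permission that should cover only the user's own record removes the row-level restriction for every contact the query touches, and it also bypasses the `$deleteClause` that the earlier early return still honours. A permission on self should narrow the clause, not lift it: keep the check, but record a predicate on the contact id and OR it into the ACL clause assembled by the `implode(' AND ', ...)` below, leaving the delete clause AND-ed as before. The comparison on that line is loose; `$contactID && (int) $contactID === (int) $user` avoids `'123abc' == 123` matching if either value arrives as a string. The enclosing function starts and ends outside the hunk (the hunk header announces more context than is shown), so the spot where the predicate would be OR-ed in is not visible here.
```php
    // Permission on self narrows the ACL to the user's own row; it must not lift it.
    $selfClause = NULL;
    if ($contactID && (int) $contactID === (int) $user &&
      (CRM_Core_Permission::check('edit my contact') ||
        ($type == self::VIEW && CRM_Core_Permission::check('view my contact')))
    ) {
      // CONTACT_ALIAS is a placeholder: use the alias the existing ACL clause applies to the contact id column.
      $selfClause = ' ( CONTACT_ALIAS.id = ' . (int) $contactID . ' ) ';
    }
    // … unchanged: build the ACL where clause; OR $selfClause into it, then AND the delete clause as before …
```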