From 121eba468314249654c2a96df35ba1ee87833eee Mon Sep 17 00:00:00 2001
From: Web Access <rohan.katkar@webaccessglobal.com>
Date: Mon, 13 Jul 2015 21:26:13 +0530
Subject: [PATCH] Changes to CRM-16777

---
 CRM/Admin/Form/ScheduleReminders.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/CRM/Admin/Form/ScheduleReminders.php b/CRM/Admin/Form/ScheduleReminders.php
index 721004ecb3..a30ed51478 100644
--- a/CRM/Admin/Form/ScheduleReminders.php
+++ b/CRM/Admin/Form/ScheduleReminders.php
@@ -62,6 +62,14 @@ class CRM_Admin_Form_ScheduleReminders extends CRM_Admin_Form {
     if (empty($this->_context) && !CRM_Core_Permission::check('administer CiviCRM')) {
       CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
     }
+    //CRM-16777: When user have ACLs 'edit' permission for specific event, do not give access to add, delete & updtae
+    //schedule reminder for other events.
+    else {
+      $this->_compId = CRM_Utils_Request::retrieve('compId', 'Integer', $this);
+      if (!CRM_Event_BAO_Event::checkPermission($this->_compId, CRM_Core_Permission::EDIT)) {
+        CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
+      }
+    }
 
     if ($this->_action & (CRM_Core_Action::DELETE)) {
       $reminderName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_ActionSchedule', $this->_id, 'title');
-- 
2.25.1