From 2b8d25f0e5e29c6b8931e24eafe855fedc4ad3bc Mon Sep 17 00:00:00 2001
From: systopia
Date: Wed, 12 Oct 2016 00:53:17 +0100
Subject: [PATCH] added check for 'view/edit my contact'
---
 CRM/Contact/BAO/Contact/Permission.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/CRM/Contact/BAO/Contact/Permission.php b/CRM/Contact/BAO/Contact/Permission.php
index dc2f1fcb63..a165a77048 100644
--- a/CRM/Contact/BAO/Contact/Permission.php
+++ b/CRM/Contact/BAO/Contact/Permission.php
@@ -121,6 +121,12 @@ WHERE contact_id IN ({$contact_id_list})
 public static function allow($id, $type = CRM_Core_Permission::VIEW) {
 $tables = array();
 $whereTables = array();
+ // first: check if contact is trying to view own contact
+ if ( $type == CRM_Core_Permission::VIEW && CRM_Core_Permission::check('view my contact')
+ || $type == CRM_Core_Permission::EDIT && CRM_Core_Permission::check('edit my contact')
+ ) {
+ return TRUE;
+ }
 # FIXME: push this somewhere below, to not give this permission so many rights
 $isDeleted = (bool) CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $id, 'is_deleted');
-- 
2.25.1
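Review bot: The added early return in `allow()` never compares `$id` with the logged-in user's contact, so any user holding 'view my contact' (or 'edit my contact') is granted access to every contact id, not only their own — the new comment says "own contact", but nothing in the condition establishes that. The guard needs the session's contact id, e.g. `$loggedInID = CRM_Core_Session::getLoggedInContactID();` followed by `if ($loggedInID && (int) $id === (int) $loggedInID && ($type == CRM_Core_Permission::VIEW && CRM_Core_Permission::check('view my contact') || $type == CRM_Core_Permission::EDIT && CRM_Core_Permission::check('edit my contact')))`. Because `&&` binds tighter than `||` the existing expression already parses as intended, but it should be parenthesised as a unit once the ownership test is prepended so the precedence is explicit. The early return also runs before the `is_deleted` lookup on the last context line, so a self-view of a soft-deleted contact would be allowed; whether that is intended is worth confirming. `allow()` continues past the end of the hunk.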