From 87177cd23ceeb5c16a29d6c365c44b446a9cfd31 Mon Sep 17 00:00:00 2001
From: "Donald A. Lobo" <lobo@civicrm.org>
Date: Mon, 20 May 2013 14:02:35 -0700
Subject: [PATCH] CRM-12646

----------------------------------------
* CRM-12646: Suppress the ability to edit custom data unless the user has edit rights on the contact.
  http://issues.civicrm.org/jira/browse/CRM-12646
---
 CRM/Contact/Page/View/CustomData.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CRM/Contact/Page/View/CustomData.php b/CRM/Contact/Page/View/CustomData.php
index 62ba165aac..50411420d8 100644
--- a/CRM/Contact/Page/View/CustomData.php
+++ b/CRM/Contact/Page/View/CustomData.php
@@ -100,9 +100,9 @@ class CRM_Contact_Page_View_CustomData extends CRM_Core_Page {
     $session->pushUserContext(CRM_Utils_System::url($doneURL, 'action=browse&selectedChild=custom_' . $this->_groupId), FALSE);
 
     // get permission detail view or edit
-    $permUser = CRM_Core_Permission::getPermission();
-
-    $editCustomData = (CRM_Core_Permission::VIEW == $permUser) ? 0 : 1;
+    // use a comtact id specific function which gives us much better granularity
+    // CRM-12646
+    $editCustomData = CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT);
     $this->assign('editCustomData', $editCustomData);
 
     //allow to edit own customdata CRM-5518
-- 
2.25.1