Skip to content
Permalink
Browse files

Check for Guest Edit Permissions on Button Submit

  • Loading branch information
sebastienheraud committed Jan 8, 2020
1 parent e48aef7 commit be73ac9a5246e14daab1d7adc74da3dff413b75a
Showing with 16 additions and 3 deletions.
  1. +16 −3 plugins/cck_field/button_submit/button_submit.php
@@ -216,8 +216,20 @@ public function onCCK_FieldPrepareForm( &$field, $value = '', &$config = array()
}
} else {
$canEdit = $user->authorise( 'core.edit', 'com_cck.form.'.$config['type_id'] );
$canEditOwn = $user->authorise( 'core.edit.own', 'com_cck.form.'.$config['type_id'] );
$canEditOwnContent = '';
$canEditOwnGuest = false;

if ( $user->id && !$user->guest ) {
$canEditOwn = $user->authorise( 'core.edit.own', 'com_cck.form.'.$config['type_id'] );
} else {
$canEditOwn = false;

if ( $config['author_session']
&& $config['author_session'] == JFactory::getSession()->getId() ) {
if ( $user->authorise( 'core.edit.own', 'com_cck.form.'.$config['type_id'] ) ) {
$canEditOwnGuest = true;
}
}
}

jimport( 'cck.joomla.access.access' );
$canEditOwnContent = CCKAccess::check( $user->id, 'core.edit.own.content', 'com_cck.form.'.$config['type_id'] );
@@ -240,7 +252,8 @@ public function onCCK_FieldPrepareForm( &$field, $value = '', &$config = array()
if ( !( $canEdit && $canEditOwn
|| ( $canEdit && !$canEditOwn && ( $config['author'] != $user->id ) )
|| ( $canEditOwn && ( $config['author'] == $user->id ) )
|| ( $canEditOwnContent ) ) ) {
|| ( $canEditOwnContent )
|| ( $canEditOwnGuest ) ) ) {
$canDo = false;
}
}

0 comments on commit be73ac9

Please sign in to comment.
You can’t perform that action at this time.