Skip to content

Commit

Permalink
regression fix unable to edit addresses for basic user
Browse files Browse the repository at this point in the history
  • Loading branch information
@dleffler
dleffler committed Apr 5, 2017
1 parent 34094f2 commit 1890d9b
Showing 1 changed file with 3 additions and 4 deletions.
7 changes: 3 additions & 4 deletions framework/modules/addressbook/controllers/addressController.php
View file
Expand Up @@ -75,11 +75,10 @@ public function edit()
global $user;

$id = !empty($this->params['id']) ? $this->params['id'] : null;
$record = new address($id);

// check to see if we should be editing. You either need to be an admin, or editing own account.
if ($user->isAdmin() || ($user->id == $id)) {
$record = new address($id);
} else {
if (!($user->isAdmin() || ($user->id == $record->user_id))) {
flash('error', gt('You do not have the proper permissions to edit this address'));
expHistory::back();
}
Expand All @@ -101,7 +100,7 @@ public function myaddressbook() {

// check if the user is logged in.
expQueue::flashIfNotLoggedIn('message',gt('You must be logged in to manage your address book.')); //fixme is this redundant to common routine?
if (!$user->isAdmin() && $this->params['user_id'] != $user->id) {
if (!$user->isAdmin() && (!empty($this->params['user_id']) && $this->params['user_id'] != $user->id)) {
unset($this->params['user_id']);
}
expHistory::set('viewable', $this->params);
Expand Down

0 comments on commit 1890d9b

Please sign in to comment.