Committer: ssafronova
LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communitiesU trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl 2011-03-14 11:10:26 UTC (rev 18538)
+++ trunk/cgi-bin/ljprotocol.pl 2011-03-14 11:16:47 UTC (rev 18539)
@@ -2180,10 +2180,7 @@
return undef unless LJ::run_hook('spam_detector', $req, \$spam);
return fail($err,320) if $spam;
- # we check later that user owns entry they're modifying, so all
- # we care about for check_altusage is that the target journal
- # exists, and we want it to setup some data in $flags.
- $flags->{'ignorecanuse'} = 1;
+ # new rule from 14 march 2011: user is allowed to edit only if he is allowed to do new post
return undef unless check_altusage($req, $err, $flags);
my $u = $flags->{'u'};
