ssafronova (ssafronova) wrote in changelog,
ssafronova
ssafronova
changelog

[livejournal] r18539: LJSUP-8039: Deny non-members to view/edi...

Committer: ssafronova
LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communities
U   trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl	2011-03-14 11:10:26 UTC (rev 18538)
+++ trunk/cgi-bin/ljprotocol.pl	2011-03-14 11:16:47 UTC (rev 18539)
@@ -2180,10 +2180,7 @@
     return undef unless LJ::run_hook('spam_detector', $req, \$spam);
     return fail($err,320) if $spam;
 
-    # we check later that user owns entry they're modifying, so all
-    # we care about for check_altusage is that the target journal
-    # exists, and we want it to setup some data in $flags.
-    $flags->{'ignorecanuse'} = 1;
+    # new rule from 14 march 2011: user is allowed to edit only if he is allowed to do new post
     return undef unless check_altusage($req, $err, $flags);
 
     my $u = $flags->{'u'};

Tags: livejournal, pl, ssafronova
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments