[livejournal] r18539: LJSUP-8039: Deny non-members to view/edi...: changelog

[livejournal] r18539: LJSUP-8039: Deny non-members to view/edi...

Committer: ssafronova

LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communities

U   trunk/cgi-bin/ljprotocol.pl

Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl	2011-03-14 11:10:26 UTC (rev 18538)
+++ trunk/cgi-bin/ljprotocol.pl	2011-03-14 11:16:47 UTC (rev 18539)
@@ -2180,10 +2180,7 @@
     return undef unless LJ::run_hook('spam_detector', $req, \$spam);
     return fail($err,320) if $spam;
 
-    # we check later that user owns entry they're modifying, so all
-    # we care about for check_altusage is that the target journal
-    # exists, and we want it to setup some data in $flags.
-    $flags->{'ignorecanuse'} = 1;
+    # new rule from 14 march 2011: user is allowed to edit only if he is allowed to do new post
     return undef unless check_altusage($req, $err, $flags);
 
     my $u = $flags->{'u'};

Post a new comment
Error

Anonymous comments are disabled in this journal
We will log you in after post

We will log you in after post

We will log you in after post

We will log you in after post

We will log you in after post

Anonymously

switch

LiveJournal

Facebook

Twitter

OpenId

Google

MailRu

VKontakte

Anonymously

default userpic

Your reply will be screened

Your IP address will be recorded

Preview comment

Help
0 comments

Post a new comment
0 comments

Log in

[livejournal] r18539: LJSUP-8039: Deny non-members to view/edi...

Error