Committer: ssafronova
LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communities - LJSUP-8308: author can't delete entriesU trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl =================================================================== --- trunk/cgi-bin/ljprotocol.pl 2011-03-22 08:32:32 UTC (rev 18663) +++ trunk/cgi-bin/ljprotocol.pl 2011-03-22 08:49:14 UTC (rev 18664) @@ -2181,7 +2181,8 @@ return fail($err,320) if $spam; # new rule from 14 march 2011: user is allowed to edit only if he is allowed to do new post - return undef unless check_altusage($req, $err, $flags); + # but is allowed to delete its own post + return undef unless check_altusage($req, $err, $flags) or $req->{'event'} !~ /\S/; my $u = $flags->{'u'};