Committer: ssafronova
LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communities - LJSUP-8308: author can't delete entriesU trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl 2011-03-22 08:32:32 UTC (rev 18663)
+++ trunk/cgi-bin/ljprotocol.pl 2011-03-22 08:49:14 UTC (rev 18664)
@@ -2181,7 +2181,8 @@
return fail($err,320) if $spam;
# new rule from 14 march 2011: user is allowed to edit only if he is allowed to do new post
- return undef unless check_altusage($req, $err, $flags);
+ # but is allowed to delete its own post
+ return undef unless check_altusage($req, $err, $flags) or $req->{'event'} !~ /\S/;
my $u = $flags->{'u'};
