[livejournal] r18688: LJSUP-8039: Deny non-members to view/edi...
Committer: ssafronova
LJSUP-8039: Deny non-members to view/edit/delet entries in business-sensetive communities - LJSUP-8332: incorrect working "LJ.XMLRPC.editevent"U trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl 2011-03-23 11:06:15 UTC (rev 18687)
+++ trunk/cgi-bin/ljprotocol.pl 2011-03-23 11:36:19 UTC (rev 18688)
@@ -2400,6 +2400,8 @@
if $req->{security} &&
$req->{security} =~ /^(?:public|private|usemask)$/;
+ $qallowmask = $oldevent->{allowmask} unless defined $req->{'allowmask'};
+
my $do_tags = $req->{props} && defined $req->{props}->{taglist};
if ($oldevent->{security} ne $security || $qallowmask != $oldevent->{allowmask}) {
# FIXME: this is a hopefully temporary hack which deletes tags from the entry