Pepelac
Well-known member
The canEditResource method will not work correctly if user has no permission to edit own resources, but has permission to edit resources by anyone.
I suggest to change this method (and possibly others) in this way
I suggest to change this method (and possibly others) in this way
PHP:
public function canEditResource(array $resource, array $category, &$errorPhraseKey = '', array $viewingUser = null)
{
$this->standardizeViewingUserReference($viewingUser);
if (!$viewingUser['user_id'])
{
return false;
}
$updateSelf = false;
if ($resource['user_id'] == $viewingUser['user_id'])
{
$updateSelf = XenForo_Permission::hasPermission($viewingUser['permissions'], 'resource', 'updateSelf');
}
return $updateSelf || XenForo_Permission::hasPermission($viewingUser['permissions'], 'resource', 'editAny');
}