- Patch #9543 by JonBob: added node-level access control!

author: Dries Buytaert <dries@buytaert.net> 2004-07-31 09:30:09 +0000
committer: Dries Buytaert <dries@buytaert.net> 2004-07-31 09:30:09 +0000
commit: 202eee42a929a0f48ce693e10943cc156ef5a7ef (patch)
tree: ae4b6845c42c09529c28dbe153acb21aca5eef6c /modules/story/story.module
parent: aed1b0ca9e89d085b557d2d1e61da2cf07ce6072 (diff)
download: brdo-202eee42a929a0f48ce693e10943cc156ef5a7ef.tar.gz
brdo-202eee42a929a0f48ce693e10943cc156ef5a7ef.tar.bz2
1 files changed, 4 insertions, 10 deletions
diff --git a/modules/story/story.module b/modules/story/story.module
index fced1d355..0efb933e3 100644
--- a/modules/story/story.module
+++ b/modules/story/story.module
@@ -55,20 +55,14 @@ function story_perm() {
 function story_access($op, $node) {
   global $user;
 
-  if ($op == 'view') {
-    return $node->status;
-  }
-
   if ($op == 'create') {
     return user_access('create stories');
   }
 
-  if ($op == 'update') {
-    return user_access('edit own stories') && ($user->uid == $node->uid);
-  }
-
-  if ($op == 'delete') {
-    return user_access('edit own stories') && ($user->uid == $node->uid);
+  if ($op == 'update' || $op == 'delete') {
+    if (user_access('edit own stories') && ($user->uid == $node->uid)) {
+      return TRUE;
+    }
   }
 }
author	Dries Buytaert <dries@buytaert.net>	2004-07-31 09:30:09 +0000
committer	Dries Buytaert <dries@buytaert.net>	2004-07-31 09:30:09 +0000
commit	202eee42a929a0f48ce693e10943cc156ef5a7ef (patch)
tree	ae4b6845c42c09529c28dbe153acb21aca5eef6c /modules/story/story.module
parent	aed1b0ca9e89d085b557d2d1e61da2cf07ce6072 (diff)
download	brdo-202eee42a929a0f48ce693e10943cc156ef5a7ef.tar.gz brdo-202eee42a929a0f48ce693e10943cc156ef5a7ef.tar.bz2