use default post permissions when coming from api - unless permissions are explicitly set.
This commit is contained in:
parent
034038849c
commit
3afa248238
1 changed files with 11 additions and 0 deletions
11
mod/item.php
11
mod/item.php
|
@ -139,6 +139,17 @@ function item_post(&$a) {
|
|||
if(count($r))
|
||||
$user = $r[0];
|
||||
|
||||
if(($api_source)
|
||||
&& (! array_key_exists('allow_cid',$_REQUEST))
|
||||
&& (! array_key_exists('allow_gid',$_REQUEST))
|
||||
&& (! array_key_exists('deny_cid',$_REQUEST))
|
||||
&& (! array_key_exists('deny_gid',$_REQUEST))) {
|
||||
$str_group_allow = $user['allow_gid'];
|
||||
$str_contact_allow = $user['allow_cid'];
|
||||
$str_group_deny = $user['deny_gid'];
|
||||
$str_contact_deny = $user['deny_cid'];
|
||||
}
|
||||
|
||||
if($orig_post) {
|
||||
$str_group_allow = $orig_post['allow_gid'];
|
||||
$str_contact_allow = $orig_post['allow_cid'];
|
||||
|
|
Loading…
Reference in a new issue