diff options
author | Yorhel <git@yorhel.nl> | 2009-08-12 16:02:26 +0200 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2009-08-12 16:02:26 +0200 |
commit | ef6e1d16bf0e6be3dde6f28d645a10fd89f0de6b (patch) | |
tree | a9a7f261abe409f4988b00abe1f15848d0a87ebb /lib/VNDB/Handler/ULists.pm | |
parent | e8ed9663331278c6bd555f7a69c45e84fc4bb34e (diff) |
Allow a usermod to browse a users' list even when it's hidden
To make sure we can still see a troll if he marks his list as hidden.
Only admins have this usermod privilege, and admins are assumed to have
raw SQL access anyway.
Diffstat (limited to 'lib/VNDB/Handler/ULists.pm')
-rw-r--r-- | lib/VNDB/Handler/ULists.pm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/VNDB/Handler/ULists.pm b/lib/VNDB/Handler/ULists.pm index 05b1f60f..2d8e0e0d 100644 --- a/lib/VNDB/Handler/ULists.pm +++ b/lib/VNDB/Handler/ULists.pm @@ -99,7 +99,7 @@ sub wishlist { my $own = $self->authInfo->{id} && $self->authInfo->{id} == $uid; my $u = $self->dbUserGet(uid => $uid)->[0]; - return 404 if !$u || !$own && !$u->{show_list}; + return 404 if !$u || !$own && !($u->{show_list} || $self->authCan('usermod')); my $f = $self->formValidate( { name => 'p', required => 0, default => 1, template => 'int' }, @@ -198,7 +198,7 @@ sub vnlist { my $own = $self->authInfo->{id} && $self->authInfo->{id} == $uid; my $u = $self->dbUserGet(uid => $uid)->[0]; - return 404 if !$u || !$own && !$u->{show_list}; + return 404 if !$u || !$own && !($u->{show_list} || $self->authCan('usermod')); my $f = $self->formValidate( { name => 'p', required => 0, default => 1, template => 'int' }, |