Don't allow read access to "public" sets; this is a holdover from old…

…en tymes and has the effect in current versions of Pawtucket that any front-end created set is readable by any user. This was intentional once upon a time but is definitely counter intuitive and undesirable in the current UI
collectiveaccess · Oct 27, 2021 · 2c2e931 · 2c2e931
1 parent 73a2071
commit 2c2e931
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/app/models/ca_sets.php b/app/models/ca_sets.php
@@ -7,7 +7,7 @@
  * ----------------------------------------------------------------------
  *
  * Software by Whirl-i-Gig (http://www.whirl-i-gig.com)
- * Copyright 2009-2019 Whirl-i-Gig
+ * Copyright 2009-2021 Whirl-i-Gig
  *
  * For more information visit http://www.CollectiveAccess.org
  *
@@ -1016,10 +1016,6 @@ public function haveAccessToSet($pn_user_id, $pn_access, $pn_set_id=null, $pa_op
 			return ca_sets::$s_have_access_to_set_cache[$vn_set_id.'/'.$pn_user_id.'/'.$pn_access] = true;
 		}
 
-		if (($t_set->get('access') > 0) && ($pn_access == __CA_SET_READ_ACCESS__)) {	 // public sets are readable by all
-			return ca_sets::$s_have_access_to_set_cache[$vn_set_id.'/'.$pn_user_id.'/'.$pn_access] = true; 
-		}
-
 		//
 		// If user is admin or has set admin privs allow them access to the set
 		//