From 2c2e931c9ae7722a2ca589c0b351b830aae73420 Mon Sep 17 00:00:00 2001 From: Seth Date: Tue, 26 Oct 2021 23:20:49 -0400 Subject: [PATCH] Don't allow read access to "public" sets; this is a holdover from olden tymes and has the effect in current versions of Pawtucket that any front-end created set is readable by any user. This was intentional once upon a time but is definitely counter intuitive and undesirable in the current UI --- app/models/ca_sets.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/app/models/ca_sets.php b/app/models/ca_sets.php index e43e4641e1..aa9e0f941e 100644 --- a/app/models/ca_sets.php +++ b/app/models/ca_sets.php @@ -7,7 +7,7 @@ * ---------------------------------------------------------------------- * * Software by Whirl-i-Gig (http://www.whirl-i-gig.com) - * Copyright 2009-2019 Whirl-i-Gig + * Copyright 2009-2021 Whirl-i-Gig * * For more information visit http://www.CollectiveAccess.org * @@ -1016,10 +1016,6 @@ public function haveAccessToSet($pn_user_id, $pn_access, $pn_set_id=null, $pa_op return ca_sets::$s_have_access_to_set_cache[$vn_set_id.'/'.$pn_user_id.'/'.$pn_access] = true; } - if (($t_set->get('access') > 0) && ($pn_access == __CA_SET_READ_ACCESS__)) { // public sets are readable by all - return ca_sets::$s_have_access_to_set_cache[$vn_set_id.'/'.$pn_user_id.'/'.$pn_access] = true; - } - // // If user is admin or has set admin privs allow them access to the set //