From 4b350b909025ba2102d5ad2c5ee32b3c4eecaa48 Mon Sep 17 00:00:00 2001
From: Andrew Manning <tamanning@zoho.com>
Date: Sun, 29 May 2016 21:23:56 -0400
Subject: Fixed bug in access control. Hide new wiki/page buttons if not
 channel owner.

---
 include/wiki.php | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'include')

diff --git a/include/wiki.php b/include/wiki.php
index 54644dd18..70788eed2 100644
--- a/include/wiki.php
+++ b/include/wiki.php
@@ -8,11 +8,7 @@ use \Zotlabs\Storage\GitRepo as GitRepo;
 define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' );
 
 function wiki_list($channel, $observer_hash) {
-	if (local_channel() || remote_channel()) {
-		$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
-	} else {
-		$sql_extra = " AND item_private = 0 ";
-	}
+	$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
 	$wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra", 
 			dbesc(WIKI_ITEM_RESOURCE_TYPE)
 	);
-- 
cgit v1.2.3