...and apply first ACL bugfix to relater/stexaminer

[scpubgit/stemmaweb.git] / lib / stemmaweb / Controller / Stexaminer.pm

diff --git a/lib/stemmaweb/Controller/Stexaminer.pm b/lib/stemmaweb/Controller/Stexaminer.pm
index d40ecbc..36679ee 100644 (file)
--- a/lib/stemmaweb/Controller/Stexaminer.pm
+++ b/lib/stemmaweb/Controller/Stexaminer.pm
@@ -102,18 +102,20 @@ sub _check_permission {
     my $user = $c->user_exists ? $c->user->get_object : undef;
     if( $user ) {
        $c->stash->{'permission'} = 'full'
-               if( $user->is_admin || $tradition->user->id eq $user->id );
+               if( $user->is_admin || 
+                       ( $tradition->has_user && $tradition->user->id eq $user->id ) );
        return 1;
-    } elsif( $tradition->public ) {
+    } 
+    # Is it public?
+    if( $tradition->public ) {
        $c->stash->{'permission'} = 'readonly';
        return 1;
-    } else {
-       # Forbidden!
-       $c->response->status( 403 );
-       $c->response->body( 'You do not have permission to view this tradition.' );
-       $c->detach( 'View::Plain' );
-       return 0;
-    }
+    } 
+       # Forbidden!
+       $c->response->status( 403 );
+       $c->response->body( 'You do not have permission to view this tradition.' );
+       $c->detach( 'View::Plain' );
+       return 0;
 }
 
 =head2 graphsvg