By default, document actions require the ktcore.permissions.read

permission to display and to be called. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4045 c91229c3-7414-0410-bfa2-8a42b809f60b

By default, document actions require the ktcore.permissions.read
permission to display and to be called. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4045 c91229c3-7414-0410-bfa2-8a42b809f60b
Neil Blakey-Milner
1 parent bcccc09b
Showing 1 changed file with 4 additions and 1 deletions
lib/actions/documentaction.inc.php
@@ -9,7 +9,7 @@ class KTDocumentAction extends KTStandardDispatcher {
     var $sDescription;
     var $sDisplayName;
  
-    var $_sShowPermission;
+    var $_sShowPermission = "ktcore.permissions.read";
     var $_sDisablePermission;
  
     var $_bDisabled;
@@ -99,6 +99,9 @@ class KTDocumentAction extends KTStandardDispatcher {
  
     function check() {
         $this->oDocument =& $this->oValidator->validateDocument($_REQUEST['fDocumentId']);
+        if ($this->_show() === false) {
+            return false;
+        }
         return true;
     }