Changes to authorisation requirements

2020-08-10 18:07:13 +01:00
parent 25874c2803
commit 98cd714a1b
2 changed files with 10 additions and 2 deletions
--- a/app/public/actions/close.php
+++ b/app/public/actions/close.php
@@ -4,7 +4,11 @@

    $request = get_request($db, $_GET['rid']);
    $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };

    // Close request
    if ($is_authorised == true) {
--- a/app/public/actions/reopen.php
+++ b/app/public/actions/reopen.php
@@ -4,7 +4,11 @@

    $request = get_request($db, $_GET['rid']);
    $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };

    // Close request
    if ($is_authorised == true) {