From 69977c53ae24b505226bcb77f7463dc19273c3e1 Mon Sep 17 00:00:00 2001
From: garvinhicking <garvinhicking>
Date: Wed, 14 Sep 2005 08:28:44 +0000
Subject: [PATCH] Some more ACL pushing.

---
 include/functions_config.inc.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index ee89d55..9b6cf0a 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -1016,7 +1016,9 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
         case 'category':
             $artifact_sql['unique']= "atf.categoryid";
             $artifact_sql['cond']  = "atf.categoryid = " . (int)$artifact_id;
-            $artifact_sql['where'] = "OR a.artifact_type IS NULL AND (atf.authorid = " . (int)$authorid . " OR atf.authorid = 0)";
+            $artifact_sql['where'] = "     ag.groupid = a.groupid 
+                                        OR a.groupid  = 0 
+                                        OR (a.artifact_type IS NULL AND (atf.authorid = " . (int)$authorid . " OR atf.authorid = 0))";
             $artifact_sql['table'] = 'category';
     }
     
@@ -1028,7 +1030,6 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
                 ON (    a.artifact_type = '" . serendipity_db_escape_string($artifact_type) . "' 
                     AND a.artifact_id   = " . (int)$artifact_id . "
                     AND a.artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "' 
-                    AND (ag.groupid = a.groupid OR a.groupid = 0) 
                    )
 
              WHERE {$artifact_sql['cond']} 
@@ -1072,7 +1073,6 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
                                    ON (    acl_acc.artifact_mode = 'read' 
                                        AND acl_acc.artifact_type = 'category'
                                        AND acl_acc.artifact_id   = c.categoryid 
-                                       AND acl_acc.groupid       = " . $read_id_sql . "
                                       )";
 
         if (empty($cond['and'])) {
@@ -1084,6 +1084,7 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
         // When in Admin-Mode, apply readership permissions.
         $cond['and'] .= "    (
                                  c.categoryid IS NULL 
+                                 OR ( acl_acc.groupid = " . $read_id_sql . " )
                                  OR ( acl_acc.artifact_id IS NULL 
                                       " . (isset($serendipity['GET']['adminModule']) && 
                                            $serendipity['GET']['adminModule'] == 'entries' && 
-- 
2.39.5