diff options
| -rw-r--r-- | app/controller/obj.control.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/app/controller/obj.control.php b/app/controller/obj.control.php index 08172b5..74288ee 100644 --- a/app/controller/obj.control.php +++ b/app/controller/obj.control.php @@ -31,6 +31,9 @@ class Obj extends Controller $mod = new ObjModel(); $obj = new DBObject($argv[0]); + if (!$obj->canAccess($this->getCurrentUser())) + throw new Exception("You do not have permission to access this object"); + switch ($obj->type) { case "group": |