Fixed privileges in user view

2014-05-06 19:03:13 +02:00 · 2014-05-06 19:03:13 +02:00 · 42b8049ae5
commit 42b8049ae5
parent e610963d4b
1 changed files with 10 additions and 2 deletions
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@ -33,9 +33,17 @@ class UserController
 			$query = 'fav:' . $user->getName();

 		elseif ($tab == 'delete')
-			Access::assert(new Privilege(Privilege::DeleteUser));
+		{
+			Access::assert(new Privilege(
+				Privilege::DeleteUser,
+				Access::getIdentity($user)));
+		}
 		elseif ($tab == 'settings')
-			Access::assert(new Privilege(Privilege::ChangeUserSettings));
+		{
+			Access::assert(new Privilege(
+				Privilege::ChangeUserSettings,
+				Access::getIdentity($user)));
+		}
 		elseif ($tab == 'edit' and !(new EditUserJob)->canEditAnything(Auth::getCurrentUser()))
 			Access::fail();