From 3108ddac250929b6237f299d53a96bcdea819272 Mon Sep 17 00:00:00 2001
From: "Michael J. Rubinsky"
Date: Thu, 10 Sep 2009 10:26:20 -0400
Subject: [PATCH] Add basic permission checking to Kronolith::listResources()
---
 kronolith/lib/Kronolith.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/kronolith/lib/Kronolith.php b/kronolith/lib/Kronolith.php
index a7871be49..1d82f7c95 100644
--- a/kronolith/lib/Kronolith.php
+++ b/kronolith/lib/Kronolith.php
@@ -2028,15 +2028,15 @@ class Kronolith
 }
 /**
- * Return a list of resources that the current user has access to administer.
+ * Return a list of resources that the current user has access to at the
+ * specified permission level. Right now, all users have PERMS_READ, but
+ * only system admins have PERMS_EDIT | PERMS_DELETE
 *
 * @return array of Kronolith_Resource objects
 */
- static public function listResources($params = array())
+ static public function listResources($perms = PERMS_READ, $params = array())
 {
- // For now, keep this check here. Maybe move this to the resource
- // driver object?
- if (!Horde_Auth::isAdmin()) {
+ if (($perms & (PERMS_EDIT | PERMS_DELETE)) && !Horde_Auth::isAdmin()) {
 return array();
 }
-- 
2.11.0
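Review bot: The new `$perms` argument is placed ahead of `$params` and defaults to `PERMS_READ`, so in `listResources()` the admin gate becomes opt-in: a call site that still calls it with no arguments, or passes its `$params` array in the first position, no longer reaches `Horde_Auth::isAdmin()` unless the value happens to carry the edit or delete bit. The diffstat shows only this file changed, so every existing caller that relied on the old admin-only result should be audited and updated to pass `PERMS_EDIT`. Appending the argument would at least keep positional callers intact, `static public function listResources($params = array(), $perms = PERMS_READ)`, and the docblock should gain `@param` lines for both arguments. The rest of the function body lies outside the hunk, so whether the returned resources are filtered further cannot be seen here.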