From a81ee98706ff11231e6d708270e2fb1c97775650 Mon Sep 17 00:00:00 2001
From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Fri, 17 Sep 2010 16:38:59 +0200
Subject: [PATCH] User::canEdit takes user permissions into account.

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---
 classes/user.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/classes/user.php b/classes/user.php
index 8551cbd..c265bf0 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -331,8 +331,9 @@ class User extends PlUser
      */
     public function canEdit(Profile $profile)
     {
-        // XXX: Check permissions (e.g. secretary permission)
-        //      and flags from the profile
+        if ($this->checkPerms(User::PERM_EDIT_DIRECTORY)) {
+            return true;
+        }
         return XDB::fetchOneCell('SELECT  pid
                                     FROM  account_profiles
                                    WHERE  uid = {?} AND pid = {?}',
-- 
2.1.4