From 01c51aef2fffdc0387f51b76da32f50fcb623ee1 Mon Sep 17 00:00:00 2001
From: bradymiller <bradymiller@users.sourceforge.net>
Date: Sun, 16 Sep 2012 11:18:59 -0700
Subject: [PATCH] bug fix in appointment setting authorization

---
 interface/main/calendar/add_edit_event.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/interface/main/calendar/add_edit_event.php b/interface/main/calendar/add_edit_event.php
index 735c9fd51..06d223e8d 100644
--- a/interface/main/calendar/add_edit_event.php
+++ b/interface/main/calendar/add_edit_event.php
@@ -33,7 +33,10 @@
  require_once("$srcdir/acl.inc");
 
  $my_permission = acl_check('patients', 'appt');
- if ($my_permission !== 'write' && $my_permission !== 'wsome')
+// Add these restrictions back using new acl return value parameter when
+//  that mechanism is added to codebase.
+// if ($my_permission !== 'write' && $my_permission !== 'wsome')
+ if (!$my_permission)
    die(xl('Access not allowed'));
 
  // Things that might be passed by our opener.
-- 
2.11.4.GIT