From cf42178977b7513bfd65aaede1b29a9a2a32c53b Mon Sep 17 00:00:00 2001
From: j2blake
Date: Thu, 14 Jul 2011 17:51:22 +0000
Subject: [PATCH] NIHVIVO-2476 DisplayRestrictedDataByRoleLevelPolicy should treat self-editors like the public. Let policies that are specifically for self-editors handle the interesting logic.
---
 .../policy/DisplayRestrictedDataByRoleLevelPolicy.java | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/DisplayRestrictedDataByRoleLevelPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/DisplayRestrictedDataByRoleLevelPolicy.java
index 908d90254..eaea0a599 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/DisplayRestrictedDataByRoleLevelPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/DisplayRestrictedDataByRoleLevelPolicy.java
@@ -51,6 +51,14 @@ public class DisplayRestrictedDataByRoleLevelPolicy implements PolicyIface {
 }
 RoleLevel userRole = HasRoleLevel.getUsersRoleLevel(whoToAuth);
+ /*
+ * This policy treats a self-editor as no better than public. If you
+ * want self-editors to see their own properties, some other policy must
+ * grant that.
+ */
+ if (userRole == RoleLevel.SELF) {
+ userRole = RoleLevel.PUBLIC;
+ }
 PolicyDecision result;
 if (whatToAuth instanceof DisplayDataProperty) {
@@ -66,7 +74,7 @@ public class DisplayRestrictedDataByRoleLevelPolicy implements PolicyIface {
 } else {
 result = defaultDecision("Unrecognized action");
 }
-
+
 log.debug("decision for '" + whatToAuth + "' is " + result);
 return result;
 }
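Review bot: The remap at `if (userRole == RoleLevel.SELF)` in the first hunk leaves no trace of its own: the only logging visible is the closing `log.debug` in the second hunk, which prints the decision but not that it was computed for PUBLIC instead of the caller's real role. When a self-editor is refused a property, that makes it hard to tell from the log whether this policy or a later one decided it; I would add `log.debug("treating SELF as PUBLIC for '" + whatToAuth + "'");` inside the `if`. The new comment also depends on something outside the hunk: another policy can only grant what this one withholds if a negative result here is inconclusive rather than a hard denial, so the comment should state that assumption, and a test asserting that SELF and PUBLIC receive the same decision would pin it. The method starts before the first hunk and its decision branches lie between the two hunks, so that part is unverified from here.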