From 346006f68470e15c1d2bcfd1e7d3f24caa9d1e7c Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nes.com@googlemail.com>
Date: Sat, 16 Sep 2017 11:47:52 +0200
Subject: [PATCH] Fix permission condition

---
 Controller.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Controller.php b/Controller.php
index 100277c..df1c5cb 100644
--- a/Controller.php
+++ b/Controller.php
@@ -183,8 +183,8 @@ class Controller extends ModuleAbstract implements WebInterface
         $doc = EditorDocMapper::get((int) $request->getData('id'));
         $accountId = $request->getHeader()->getAccount();
         
-        if (!$doc->getCreatedBy()->getId() === $accountId
-            || !$this->app->accountManager->get($accountId)->hasPermission(
+        if ($doc->getCreatedBy()->getId() !== $accountId
+            && !$this->app->accountManager->get($accountId)->hasPermission(
                 PermissionType::READ, 1, $this->app->appName, self::MODULE_ID, PermissionState::DOC, $doc->getId())
         ) {
             $view->setTemplate('/Web/Backend/Error/403_inline');