From a12d270667df81d81f641c88fd924cd5fd99edfd Mon Sep 17 00:00:00 2001
From: francis <francis>
Date: Tue, 30 Jun 2009 14:28:25 +0000
Subject: Use caching that allows pre-authentication. Add test code for hidden
 requests. Make super users able to view hidden requests.

---
 app/models/info_request.rb | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'app/models/info_request.rb')

diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index 9d14e70d2..aa9b49c83 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -24,7 +24,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: info_request.rb,v 1.196 2009-06-27 02:25:31 francis Exp $
+# $Id: info_request.rb,v 1.197 2009-06-30 14:28:26 francis Exp $
 
 require 'digest/sha1'
 require File.join(File.dirname(__FILE__),'../../vendor/plugins/acts_as_xapian/lib/acts_as_xapian')
@@ -819,10 +819,10 @@ public
     end
 
     def user_can_view?(user)
-        return self.prominence != 'hidden'
-        # || self.is_owning_user?(user) # XXX this doesn't work, as have to
-        # mess with caching of HTML versions - need to change from using
-        # caches_pages in the request controller first.
+        if self.prominence == 'hidden' 
+            return User.view_hidden_requests?(user)
+        end
+        return true
     end
 
     # This is called from cron regularly.
-- 
cgit v1.2.3