From 70e1265bcfb672bce9398fdae48aba686dae827a Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Thu, 23 Nov 2006 20:31:17 +0000
Subject: [PATCH] r1310: Reorganizing the permission checks to be in a smarter
 order so we don't check things twice and check other things (like the
 permissions of a nonexistent bug) unnecessarily.

---
 showreport.php | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/showreport.php b/showreport.php
index 11a1bb7..fe23762 100644
--- a/showreport.php
+++ b/showreport.php
@@ -71,14 +71,6 @@ $bug = $db->query_first("
 	WHERE bug.bugid = $bugid"
 );
 
-if (!can_perform('canviewbugs', $bug['product']))
-{
-	$message->error_permission();
-}
-
-$show['edit'] = ((can_perform('caneditown', $bug['product']) AND $bugsys->userinfo['userid'] == $bug['userid'] AND $bug['userid'] != 0) OR (can_perform('caneditother', $bug['product']) AND $bugsys->userinfo['userid'] != $bug['userid']));
-$show['delete'] = can_perform('candeletedata', $bug['product']);
-
 if (!is_array($bug))
 {
 	$message->error(L_INVALID_ID);
@@ -89,6 +81,9 @@ if (!check_bug_permissions($bug))
 	$message->error_permission();
 }
 
+$show['edit'] = ((can_perform('caneditown', $bug['product']) AND $bugsys->userinfo['userid'] == $bug['userid'] AND $bug['userid'] != 0) OR (can_perform('caneditother', $bug['product']) AND $bugsys->userinfo['userid'] != $bug['userid']));
+$show['delete'] = can_perform('candeletedata', $bug['product']);
+
 // ###################################################################
 // edit display
 if ($show['edit'])
-- 
2.22.5