diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index 2635c9aed..2c3529d9f 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -296,7 +296,10 @@ class ACLComponent extends Component 'perm_site_admin', ]], 'toggleSelected' => array('perm_site_admin'), - 'view' => array('*'), + 'view' => ['OR' => [ + 'host_org_user', + 'perm_site_admin', + ]], ), 'galaxies' => array( 'attachCluster' => array('perm_tagger'), diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index 63c5e47d3..25004e5c1 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -95,6 +95,11 @@ class FeedsController extends AppController } else { $data = $this->paginate(); } + foreach ($data as $i => $entry) { + if (!$this->_isSiteAdmin()) { + unset($data[$i]['Feed']['headers']); + } + } $this->loadModel('Event'); foreach ($data as $key => $value) { if ($value['Feed']['event_id'] != 0 && $value['Feed']['fixed_event']) { @@ -130,6 +135,9 @@ class FeedsController extends AppController 'recursive' => -1, 'contain' => array('Tag') )); + if (!$this->_isSiteAdmin()) { + unset($feed['Feed']['headers']); + } $feed['Feed']['cached_elements'] = $this->Feed->getCachedElements($feed['Feed']['id']); $feed['Feed']['coverage_by_other_feeds'] = $this->Feed->getFeedCoverage($feed['Feed']['id'], 'feed', 'all') . '%'; if ($this->_isRest()) { diff --git a/app/View/Feeds/index.ctp b/app/View/Feeds/index.ctp index a82cf5c08..6d7b713a8 100644 --- a/app/View/Feeds/index.ctp +++ b/app/View/Feeds/index.ctp @@ -144,7 +144,8 @@ array( 'name' => __('Headers'), 'class' => 'shortish', - 'data_path' => 'Feed.headers' + 'data_path' => 'Feed.headers', + 'requirement' => $isSiteAdmin ), array( 'name' => __('Target'),