From e3933f0ac593d86cb4cf8e313fb74d9aec4ca613 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Fri, 17 Jan 2014 04:19:23 +0000
Subject: [PATCH] Check if the user is a collaborator

---
 include/class.ticket.php | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/include/class.ticket.php b/include/class.ticket.php
index fd9da00ca..e637743a4 100644
--- a/include/class.ticket.php
+++ b/include/class.ticket.php
@@ -160,7 +160,6 @@ class Ticket {
     }
 
     function checkUserAccess($user) {
-        global $cfg;
 
         if (!$user || !($user instanceof EndUser))
             return false;
@@ -169,9 +168,16 @@ class Ticket {
         if ($user->getId() == $this->getUserId())
             return true;
 
-        //Collaborator
-        if (!strcasecmp($user->getRole(), 'collaborator')
-                && $user->getTicketId() == $this->getId())
+        //Collaborator?
+        // 1) If the user was authorized via this ticket.
+        if ($user->getTicketId() == $this->getId()
+                && !strcasecmp($user->getRole(), 'collaborator'))
+            return true;
+
+        // 2) Query the database to check for expanded access...
+        if (Collaborator::lookup(array(
+                        'userId' => $user->getId(),
+                        'ticketId' => $this->getId())))
             return true;
 
         return false;
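Review bot: The database check added as step 2 returns true for any row that `Collaborator::lookup()` finds for this user and ticket, and nothing in the hunk shows whether that lookup skips collaborators who have since been disabled. If the model carries such a state, the check should test it on the returned object rather than rely on the row existing. Step 1 still compares the ids with loose `==`, so two empty values would compare equal for a collaborator-role user; starting the condition with `if ($this->getId() && $user->getTicketId() == $this->getId()` closes that case. Because this method decides who may read a ticket, a comment above step 2 such as `// Any collaborator row for this user and ticket grants access` would make the intended policy explicit. checkUserAccess() begins in the previous hunk and its closing brace lies outside this one.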
-- 
GitLab