From b6d394e982255132ef3727c8bd2b3dae0c5ec67d Mon Sep 17 00:00:00 2001
From: jwacalex <ich-bin@jwacalex.de>
Date: Tue, 11 Apr 2017 17:25:34 +0200
Subject: first fix for #317. hidden rooms can be seen with admin_rooms
 priviledge

---
 includes/controller/rooms_controller.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'includes/controller')

diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php
index a79034fb..bba38bb5 100644
--- a/includes/controller/rooms_controller.php
+++ b/includes/controller/rooms_controller.php
@@ -16,8 +16,14 @@ function room_controller() {
   if (! in_array('view_rooms', $privileges)) {
     redirect(page_link_to());
   }
-  
+
+
   $room = load_room();
+
+  if($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
+      redirect(page_link_to());
+  }
+
   $all_shifts = Shifts_by_room($room);
   $days = [];
   foreach ($all_shifts as $shift) {
-- 
cgit v1.2.3-54-g00ecf