show and edit only those collections which are writable for user

diff --git a/webclient/lib/managecollections.class.php b/webclient/lib/managecollections.class.php
index 44585ea160826b3cff89a48e5cb881b415bd9039..a31328e159f92f82afee4ecc655915392efb36ed 100644 (file)
--- a/webclient/lib/managecollections.class.php
+++ b/webclient/lib/managecollections.class.php
@@ -89,7 +89,7 @@ class ManageCollections {
                                        FROM `".DB_PREFIX."_collection` AS c
                                        LEFT JOIN `".DB_PREFIX."_user` AS u ON `c`.`owner` = `u`.`id`
                                        LEFT JOIN `".DB_PREFIX."_group` AS g ON `c`.`group` = `g`.`id`
-                                       WHERE ".$this->_User->getSQLRightsString("read", "c")."
+                                       WHERE ".$this->_User->getSQLRightsString("write", "c")."
                                        ORDER BY `c`.`name`";
                if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
                try {
@@ -282,7 +282,7 @@ class ManageCollections {
                                        FROM `".DB_PREFIX."_collection` AS c
                                        LEFT JOIN `".DB_PREFIX."_user` AS u ON `c`.`owner` = `u`.`id`
                                        LEFT JOIN `".DB_PREFIX."_group` AS g ON `c`.`group` = `g`.`id`
-                                       WHERE ".$this->_User->getSQLRightsString("read", "c")."
+                                       WHERE ".$this->_User->getSQLRightsString("write", "c")."
                                        AND `c`.`id` = '".$this->_DB->real_escape_string($id)."'";
                        if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
                        try {