From 7d222acdfa43cc5f40e43ea44ef2f921824e0576 Mon Sep 17 00:00:00 2001
From: bnu <bnufactory@gmail.com>
Date: Thu, 10 Aug 2017 16:09:03 +0900
Subject: [PATCH] =?UTF-8?q?#2126=20=EB=AC=B8=EC=84=9C=20=EC=8A=A4=ED=81=AC?=
 =?UTF-8?q?=EB=9E=A9=20=EA=B8=B0=EB=8A=A5=EC=97=90=EC=84=9C=20=EA=B2=8C?=
 =?UTF-8?q?=EC=8B=9C=ED=8C=90=EC=9D=98=20=EB=AA=A9=EB=A1=9D=20=EB=B3=B4?=
 =?UTF-8?q?=EA=B8=B0=20=EA=B6=8C=ED=95=9C=EA=B3=BC=20=EC=83=81=EB=8B=B4=20?=
 =?UTF-8?q?=EA=B8=B0=EB=8A=A5=20=EC=82=AC=EC=9A=A9=20=EC=8B=9C=20=EA=B6=8C?=
 =?UTF-8?q?=ED=95=9C=20=ED=99=95=EC=9D=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 modules/member/member.controller.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index 817c25aa4..7b87d5a74 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@@ -140,12 +140,30 @@ class memberController extends member
 		}
 
 		// 모듈 권한 확인
-		$grant = $oModuleModel->getGrant($oModuleModel->getModuleInfoByModuleSrl($oDocument->get('module_srl')), $logged_info);
+		$module_info = $oModuleModel->getModuleInfoByModuleSrl($oDocument->get('module_srl'));
+		$grant = $oModuleModel->getGrant($module_info, $logged_info);
+
 		if(!$grant->access)
 		{
 			return new Object(-1, 'msg_not_permitted');
 		}
 
+		// 게시판 모듈에서 글 목록 보기 권한이 없으면 스크랩 제한
+		if($module_info->module === 'board' && isset($grant->list) && !$grant->list)
+		{
+			return new Object(-1, 'msg_not_permitted');
+		}
+
+		// 게시판 모듈에서 상담 기능 사용 시 권한이 없는 게시물(타인의 게시물) 스크랩 제한
+		if($module_info->module === 'board' &&
+			$module_info->consultation === 'Y' &&
+			isset($grant->consultation_read) &&
+			!$grant->consultation_read && !$oDocument->isGranted()
+		)
+		{
+			return new Object(-1, 'msg_not_permitted');
+		}
+
 		// Variables
 		$args = new stdClass();
 		$args->document_srl = $document_srl;