From 78bffb1348fdb937e1d64599c1beb990aaa9f5c6 Mon Sep 17 00:00:00 2001
From: SimonGschnell <simongschnell@gmail.com>
Date: Mon, 12 Feb 2024 14:08:26 +0100
Subject: [PATCH] little bugfix

---
 application/controllers/Cis/ProfilUpdate.php | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/application/controllers/Cis/ProfilUpdate.php b/application/controllers/Cis/ProfilUpdate.php
index 0cc5cb05b..93167a0b3 100755
--- a/application/controllers/Cis/ProfilUpdate.php
+++ b/application/controllers/Cis/ProfilUpdate.php
@@ -15,7 +15,7 @@ class ProfilUpdate extends Auth_Controller
 			'getProfilUpdateWithPermission' => ['student/stammdaten:r','mitarbeiter/stammdaten:r'],
 			'acceptProfilRequest'=>['student/stammdaten:rw','mitarbeiter/stammdaten:rw'],
 			'denyProfilRequest'=>['student/stammdaten:rw','mitarbeiter/stammdaten:rw'],
-			'show'=>['student/anrechnung_beantragen:r'],
+			'show'=>['student/anrechnung_beantragen:r','user:r'],
 		
 			'insertProfilRequest' => ['student/anrechnung_beantragen:r', 'user:r'],
 			'updateProfilRequest' => ['student/anrechnung_beantragen:r', 'user:r'],
@@ -51,21 +51,20 @@ class ProfilUpdate extends Auth_Controller
 	}
 
 	public function show($dms_id){
-		
+	
 		$profil_update = $this->ProfilUpdateModel->loadWhere(['attachment_id'=>$dms_id]);
 		$profil_update = hasData($profil_update) ? getData($profil_update)[0] : null;
 		
 		//? checks if an profil update exists with the dms_id requested from the user
 		if($profil_update){ 
-			$is_mitarbeiter_profil_update = $this->MitarbeiterModel->isMitarbeiter($profil_update->uid);
-			$is_student_profil_update = $this->StudentModel->isStudent($profil_update->uid);
-
+			$is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($profil_update->uid));
+			$is_student_profil_update = getData($this->StudentModel->isStudent($profil_update->uid));
+			
 			if(
 				$this->permissionlib->isBerechtigt('student/stammdaten:r') && $is_student_profil_update || 
 				$this->permissionlib->isBerechtigt('mitarbeiter/stammdaten:r') && $is_mitarbeiter_profil_update || 
 				$this->uid == $profil_update->uid)
 			{
-
 				// Get file to be downloaded from DMS
 				$newFilename= $this->uid."/document_".$dms_id;
 				$download = $this->dmslib->download($dms_id, $newFilename);