Added missing permission validation

diff --git a/wcfsetup/install/files/lib/data/user/User.class.php b/wcfsetup/install/files/lib/data/user/User.class.php
index 76bb555704e23e3aafddb062b7b5e72c00a65e78..0a51b307a4a5e122fc0b7452e2ef2a4d56ef7094 100644 (file)
--- a/wcfsetup/install/files/lib/data/user/User.class.php
+++ b/wcfsetup/install/files/lib/data/user/User.class.php
@@ -368,4 +368,13 @@ final class User extends DatabaseObject implements IRouteController {
                
                return $language;
        }
+       
+       /**
+        * Returns true, if the active user can edit this user.
+        * 
+        * @return      boolean
+        */
+       public function canEdit() {
+               return (WCF::getSession()->getPermission('admin.user.canEditUser') && UserGroup::isAccessibleGroup($this->getGroupIDs()));
+       }
 }