From ef61cbcb3e51a2a555461c8ce4d4e5b5c7f4cac8 Mon Sep 17 00:00:00 2001
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com>
Date: Tue, 24 Jan 2023 20:12:16 +0100
Subject: [PATCH] allow admins to edit any recipe

---
 Controllers/RecipeController.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Controllers/RecipeController.php b/Controllers/RecipeController.php
index 51962c3..d57a834 100644
--- a/Controllers/RecipeController.php
+++ b/Controllers/RecipeController.php
@@ -41,7 +41,9 @@ final class RecipeController
         }
 
         if ($A_recipe["AUTHOR_ID"] !== $_SESSION["ID"]) {
-            throw new HTTPSpecialCaseException(400, "You are not the owner of this recipe");
+            if(!Session::is_admin()){
+                throw new HTTPSpecialCaseException(400, "You are not the owner of this recipe");
+            }
         }
 
         View::show("recipe/edit", array("POST_URI" => "/recipe/update", "RECIPE" => $A_recipe));