app/controllers/knitkit/base_controller.rb in knitkit-2.1.13 vs app/controllers/knitkit/base_controller.rb in knitkit-2.1.14

@@ -29,9 +29,10 @@
     end
     
     def set_section
       unless params[:section_id].nil?
         @website_section = WebsiteSection.find(params[:section_id])
+        @website_section = @website_section.root if @website_section.is_document_section? # check security on root document section
         if @website_section.protected_with_capability?(:view)
           if !current_user and @website_section.path != @login_path
             session[:return_to_url] = @website_section.path
             redirect_to @login_path
           elsif current_user and !current_user.has_capability?(:view, @website_section)