Index: openacs-4/packages/acs-subsite/www/file.vuh
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/file.vuh,v
diff -u -r1.2 -r1.3
--- openacs-4/packages/acs-subsite/www/file.vuh	9 Oct 2006 19:32:40 -0000	1.2
+++ openacs-4/packages/acs-subsite/www/file.vuh	21 Jan 2007 07:41:15 -0000	1.3
@@ -16,36 +16,38 @@
 
 # check permissions!
 if {$private eq "private"} {
-	# find if the image has a parent link to the object
-	# that is, if the image is used in a content item and you can read the
-	# content item, you can read the image regardless of the permissions
-	
-	if {![application_data_link::link_exists \
-		-from_object_id $private_parent_id \
-		-to_object_id $object_id]} {
-		# if the link does not exist it might be
-	        # because its a new object
-	        # that means you uploaded the image so you can see it in the editor while you are working on it
-		if {![permission::permission_p \
-			-object_id $object_id \
-			-privilege "read" \
-			-party_id [ad_conn user_id]]} {
-			# if you don't have permission to see it, it doesn't exist
-				ns_returnnotfound
-				ad_script_abort
-		}
-	} elseif {![permission::permission_p \
-	-privilege "read" \
-	-object_id $private_parent_id \
-	-party_id [ad_conn user_id]]} {
+    # find if the image has a parent link to the object
+    # that is, if the image is used in a content item and you can read the
+    # content item, you can read the image regardless of the permissions
+    
+    if {![application_data_link::link_exists \
+	      -from_object_id $private_parent_id \
+	      -to_object_id $object_id]} {
+	# if the link does not exist it might be
+	# because its a new object
+	# that means you uploaded the image so you can see it in the editor while you are working on it
+	if {![permission::permission_p \
+		  -object_id $object_id \
+		  -privilege "read" \
+		  -party_id [ad_conn user_id]]} {
+	    # if you don't have permission to see it, it doesn't exist
+	    ns_returnnotfound
+	    ad_script_abort
+	}
+    } elseif {![permission::permission_p \
+		    -privilege "read" \
+		    -object_id $private_parent_id \
+		    -party_id [ad_conn user_id]]} {
 	ns_returnnotfound
 	ad_script_abort
-} else {
+    } else {
 	permission::require_permission \
-    -privilege "read" \
-    -object_id $object_id \
-    -party_id [ad_conn user_id]
+	    -privilege "read" \
+	    -object_id $object_id \
+	    -party_id [ad_conn user_id]
+    }
 }
+
 # find a cr_item and serve it
 
 cr_write_content -item_id $object_id
\ No newline at end of file