view permission on the parent. Added a whitelist of allowable
owner permissions.
If the requested permission is view and the user requesting access
is the owner, check that they have view permission to the parent.
1) Change access_Core::user_can to return true for all permissions if the
owner is the specified user.
2) Change Item_Model::viewable to set the owner_id is the first view_restriction
This allowed simplification of the generating the where clause to a single
$this->orwhere instead of a where and an orwhere.
old ORM relationships from hanging around, which was causing problems
when doing MPTT manipulations (resulting in incorrect permission
propagation-- very bad!)
Kohana makes this type of transition fairly straightforward in that
all controllers/helpers/etc are still located in the cascading
filesystem without any extra effort, except that I've temporarily
added a hack to force modules/gallery into the module path.
Rename what's left of "core" to be "application" so that it conforms
more closely to the Kohana standard (basically, just
application/config/config.php which is the minimal thing that you need
in the application directory)
There's still considerable work left to be done here.
