Index: openacs-4/packages/chat/tcl/chat-ajax-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/chat/tcl/chat-ajax-procs.tcl,v diff -u -r1.23.2.8 -r1.23.2.9 --- openacs-4/packages/chat/tcl/chat-ajax-procs.tcl 5 Oct 2019 13:09:56 -0000 1.23.2.8 +++ openacs-4/packages/chat/tcl/chat-ajax-procs.tcl 13 Mar 2020 15:16:17 -0000 1.23.2.9 @@ -79,8 +79,9 @@ # e.g. in the sweeper. We don't want to check permissions in # this case. if {[ns_conn isconnected]} { - permission::require_permission -object_id ${:chat_id} -privilege "chat_read" - if {[permission::permission_p -object_id ${:chat_id} -privilege "chat_ban"]} { + # Check that user can read the chat and is not banned + if {![permission::permission_p -object_id ${:chat_id} -privilege "chat_ban"] || + [permission::permission_p -object_id ${:chat_id} -privilege "chat_ban"]} { ad_return_forbidden ad_script_abort }