From d71a3e910b44aa982d96b29a46ad2b481a226ac4 Mon Sep 17 00:00:00 2001
From: Greg Post <gregory.post@asu.edu>
Date: Mon, 20 Jan 2025 09:43:58 -0600
Subject: [PATCH 1/2] Update index.php

Build occurrence array after protections applied
---
 collections/individual/index.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/collections/individual/index.php b/collections/individual/index.php
index 602999c518..eff3c2e676 100644
--- a/collections/individual/index.php
+++ b/collections/individual/index.php
@@ -33,7 +33,6 @@
 $indManager->setOccurData();
 if(!$occid) $occid = $indManager->getOccid();
 if(!$collid) $collid = $indManager->getCollid();
-$occArr = $indManager->getOccData();
 
 $isSecuredReader = false;
 $isEditor = false;
@@ -65,10 +64,11 @@
 		$isSecuredReader = true;
 	}
 }
-if($indManager->applyProtections($isSecuredReader)){
-	//Protections applied, thus reset occurrence array
-	$occArr = $indManager->getOccData();
-}
+
+//Appy protections and build occurrence array
+$indManager->applyProtections($isSecuredReader);
+$occArr = $indManager->getOccData();
+
 $collMetadata = $indManager->getMetadata();
 $genticArr = $indManager->getGeneticArr();
 

From 138a4edbfb80526714cc5d18474941887cfb0773 Mon Sep 17 00:00:00 2001
From: Edward Gilbert <egbot@asu.edu>
Date: Tue, 21 Jan 2025 09:36:19 -0700
Subject: [PATCH 2/2] Adjustment

- Get observeruid value directly from occData class array, thus avoiding occArr needing to exist prior to permission checks
---
 classes/OccurrenceIndividual.php | 2 +-
 collections/individual/index.php | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/classes/OccurrenceIndividual.php b/classes/OccurrenceIndividual.php
index 411ba5f8dc..a4328d0f8e 100644
--- a/classes/OccurrenceIndividual.php
+++ b/classes/OccurrenceIndividual.php
@@ -110,7 +110,7 @@ public function getOccData($fieldKey = ""){
 		if($this->occid){
 			if(!$this->occArr) $this->setOccurData();
 			if($fieldKey){
-				if(array_key_exists($fieldKey,$this->occArr)) return $this->occArr($fieldKey);
+				if(array_key_exists($fieldKey,$this->occArr)) return $this->occArr[$fieldKey];
 				return false;
 			}
 		}
diff --git a/collections/individual/index.php b/collections/individual/index.php
index eff3c2e676..dc5842597f 100644
--- a/collections/individual/index.php
+++ b/collections/individual/index.php
@@ -38,13 +38,14 @@
 $isEditor = false;
 if($SYMB_UID){
 	//Check editing status
+	$observerUid = $indManager->getOccData('observeruid');
 	if($IS_ADMIN || (array_key_exists('CollAdmin',$USER_RIGHTS) && in_array($collid,$USER_RIGHTS['CollAdmin']))){
 		$isEditor = true;
 	}
 	elseif((array_key_exists('CollEditor',$USER_RIGHTS) && in_array($collid,$USER_RIGHTS['CollEditor']))){
 		$isEditor = true;
 	}
-	elseif(isset($occArr['observeruid']) && $occArr['observeruid'] == $SYMB_UID){
+	elseif($observerUid == $SYMB_UID){
 		$isEditor = true;
 	}
 	elseif($indManager->isTaxonomicEditor()){