gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-13 21:21:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

move folders/documents propperly checks for access rights (Closes #309)

Browse Source
This commit is contained in:
Uwe Steinmann 2017-02-18 07:55:40 +01:00
parent 1b638d52ee
commit 6f0d9e5d5d
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
op/op.Ajax.php
View File

@ -232,7 +232,7 @@ switch($command) {
} else { } else {
$mfolder = $dms->getFolder($_REQUEST['folderid']); $mfolder = $dms->getFolder($_REQUEST['folderid']);
if($mfolder) { if($mfolder) {
if ($mfolder->getAccessMode($user) >= M_READ) { if ($mfolder->getAccessMode($user) >= M_READWRITE) {
if($folder = $dms->getFolder($_REQUEST['targetfolderid'])) { if($folder = $dms->getFolder($_REQUEST['targetfolderid'])) {
if($folder->getAccessMode($user) >= M_READWRITE) { if($folder->getAccessMode($user) >= M_READWRITE) {
if($mfolder->setParent($folder)) { if($mfolder->setParent($folder)) {
@ -271,7 +271,7 @@ switch($command) {
} else { } else {
$mdocument = $dms->getDocument($_REQUEST['docid']); $mdocument = $dms->getDocument($_REQUEST['docid']);
if($mdocument) { if($mdocument) {
if ($mdocument->getAccessMode($user) >= M_READ) { if ($mdocument->getAccessMode($user) >= M_READWRITE) {
if($folder = $dms->getFolder($_REQUEST['targetfolderid'])) { if($folder = $dms->getFolder($_REQUEST['targetfolderid'])) {
if($folder->getAccessMode($user) >= M_READWRITE) { if($folder->getAccessMode($user) >= M_READWRITE) {
if($mdocument->setFolder($folder)) { if($mdocument->setFolder($folder)) {