do not allow to delete non empty folders

only admins may delete folders
2025-02-11 09:35:00 +00:00 · 2012-12-13 21:21:35 +00:00 · 2012-12-13 21:21:35 +00:00 · f2ca92f48b
commit f2ca92f48b
parent 945e39eb1a
1 changed files with 9 additions and 0 deletions
--- a/webdav/letodms_webdav.php
+++ b/webdav/letodms_webdav.php
@ -608,10 +608,19 @@ class HTTP_WebDAV_Server_LetoDMS extends HTTP_WebDAV_Server
 		}

 		if (get_class($obj) == 'LetoDMS_Core_Folder') {
+			if($obj->hasDocuments() || $obj->hasSubFolders()) {
+				return "409 Conflict";
+			}
 			if(!$obj->remove()) {
 				return "409 Conflict";
 			}
 		} else {
+			// check if user is admin
+			// only admins may delete documents
+			if(!$this->user->isAdmin()) {
+				return "403 Forbidden";				 
+			}
+
 			if(!$obj->remove()) {
 				return "409 Conflict";
 			}