From f2ca92f48b0499eb0612e5aaa7d5a5bab5acb613 Mon Sep 17 00:00:00 2001
From: steinm
Date: Thu, 13 Dec 2012 21:21:35 +0000
Subject: [PATCH] do not allow to delete non empty folders only admins may delete folders
---
 webdav/letodms_webdav.php | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/webdav/letodms_webdav.php b/webdav/letodms_webdav.php
index fc283a251..c43d5ac04 100644
--- a/webdav/letodms_webdav.php
+++ b/webdav/letodms_webdav.php
@@ -608,10 +608,19 @@ class HTTP_WebDAV_Server_LetoDMS extends HTTP_WebDAV_Server
 }
 if (get_class($obj) == 'LetoDMS_Core_Folder') {
+ if($obj->hasDocuments() || $obj->hasSubFolders()) {
+ return "409 Conflict";
+ }
 if(!$obj->remove()) {
 return "409 Conflict";
 }
 } else {
+ // check if user is admin
+ // only admins may delete documents
+ if(!$this->user->isAdmin()) {
+ return "403 Forbidden";
+ }
+
 if(!$obj->remove()) {
 return "409 Conflict";
 }
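Review bot: The admin check is in the `else` branch, which handles objects that are not `LetoDMS_Core_Folder`, and its comment reads `only admins may delete documents`, while the commit subject says only admins may delete folders. The folder branch gains only the emptiness test, so as far as this hunk shows, a non-admin can still delete an empty folder over WebDAV. If folders are meant to be admin-only, the guard `if(!$this->user->isAdmin()) { return "403 Forbidden"; }` should also run before the `hasDocuments()` test, or once above the `get_class` branch to cover both cases; if only documents are meant, the commit message should say so. Whether a per-object access-rights check on `$obj` runs earlier in the method cannot be seen here, since the function starts and ends outside the hunk.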