diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2019-03-21 23:10:19 +0300 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2019-03-21 23:10:19 +0300 |
commit | 7d8846a96fb9616d4bb0c1dce2cfe6d00d8c79c6 (patch) | |
tree | 360682f29d9d381f3d9a804958765cb023c64ad8 /lib | |
parent | 18a7939ab2da5ccff57f308049789b6c7c9a314e (diff) |
Check actual file if it can be updated
There is no need to check the root folder because it doesn't tell you if
the file itself is updatable.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/TokenManager.php | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/TokenManager.php b/lib/TokenManager.php index 9918aa30..cf638566 100644 --- a/lib/TokenManager.php +++ b/lib/TokenManager.php @@ -99,7 +99,16 @@ class TokenManager { try { $editoruid = $this->userId; $rootFolder = $this->rootFolder->getUserFolder($editoruid); - $updatable = $rootFolder->isUpdateable(); + + $files = $rootFolder->getById((int)$fileId); + $updatable = false; + foreach ($files as $file) { + if ($file->isUpdateable()) { + $updatable = true; + break; + } + } + // Check if the editor (user who is accessing) is in editable group // UserCanWrite only if // 1. No edit groups are set or @@ -163,8 +172,7 @@ class TokenManager { public function getTokenForTemplate(File $file, $userId, $templateDestination) { $owneruid = $userId; $editoruid = $userId; - $rootFolder = $this->rootFolder->getUserFolder($editoruid); - $updatable = $rootFolder->isUpdateable(); + $updatable = $file->isUpdateable(); // Check if the editor (user who is accessing) is in editable group // UserCanWrite only if // 1. No edit groups are set or |