diff options
Diffstat (limited to 'Zotlabs/Module/Wiki.php')
-rw-r--r-- | Zotlabs/Module/Wiki.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index d694a28ae..75a620c37 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -538,6 +538,12 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('message' => t('Cannot delete Home'),'success' => false)); } // Determine if observer has permission to delete pages + // currently just allow page owner + + if((! local_channel()) || (local_channel() != $owner['channel_id'])) { + logger('Wiki write permission denied. ' . EOL); + json_return_and_die(array('success' => false)); + } $perms = Zlib\NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { |