aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Wiki.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Wiki.php')
-rw-r--r--Zotlabs/Module/Wiki.php6
1 files changed, 6 insertions, 0 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index d694a28ae..75a620c37 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -538,6 +538,12 @@ class Wiki extends \Zotlabs\Web\Controller {
json_return_and_die(array('message' => t('Cannot delete Home'),'success' => false));
}
// Determine if observer has permission to delete pages
+ // currently just allow page owner
+
+ if((! local_channel()) || (local_channel() != $owner['channel_id'])) {
+ logger('Wiki write permission denied. ' . EOL);
+ json_return_and_die(array('success' => false));
+ }
$perms = Zlib\NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
if(! $perms['write']) {