X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/ed05e40566a8d2a39530507598d835764885cf73..ac1226031eb5c5f9b8fe528420483f4d8828c73d:/IkiWiki/Plugin/remove.pm

diff --git a/IkiWiki/Plugin/remove.pm b/IkiWiki/Plugin/remove.pm
index 21028cde3..9b6655139 100644
--- a/IkiWiki/Plugin/remove.pm
+++ b/IkiWiki/Plugin/remove.pm
@@ -97,11 +97,11 @@ sub formbuilder (@) { #{{{
 			removal_confirm($q, $session, 0, $form->field("page"));
 		}
 		elsif ($form->submitted eq "Remove Attachments") {
-			my @pages=$q->param("attachment_select");
-			if (! @pages) {
+			my @selected=$q->param("attachment_select");
+			if (! @selected) {
 				error(gettext("Please select the attachments to remove."));
 			}
-			removal_confirm($q, $session, 1, @pages);
+			removal_confirm($q, $session, 1, @selected);
 		}
 	}
 } #}}}
@@ -129,9 +129,6 @@ sub sessioncgi ($$) { #{{{
 					error(sprintf(gettext("%s does not exist"),
 					htmllink("", "", $page, noimageinline => 1)));
 				}
-				
-				# Must be editiable.
-				IkiWiki::check_canedit($page, $q, $session);
 
 				# Must exist on disk, and be a regular file.
 				my $file=$pagesources{$page};
@@ -141,6 +138,16 @@ sub sessioncgi ($$) { #{{{
 				elsif (-l "$config{srcdir}/$file" && ! -f _) {
 					error(sprintf(gettext("%s is not a file"), $file));
 				}
+				
+				# Must be editiable.
+				IkiWiki::check_canedit($page, $q, $session);
+
+				# This is sorta overkill, but better safe
+				# than sorry. If a user can't upload an
+				# attachment, don't let them delete it.
+				if ($q->param("attachment")) {
+					IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
+				}
 
 				push @files, IkiWiki::possibly_foolish_untaint($file);
 			}