From 0c9fe2f99c2261bf00224120acba4fd199b28dc2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 21 Jul 2008 22:44:19 -0400 Subject: [PATCH] use check_canattach As noted, this may be overkill.. --- IkiWiki/Plugin/remove.pm | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/IkiWiki/Plugin/remove.pm b/IkiWiki/Plugin/remove.pm index bb5f56540..9b6655139 100644 --- a/IkiWiki/Plugin/remove.pm +++ b/IkiWiki/Plugin/remove.pm @@ -129,9 +129,6 @@ sub sessioncgi ($$) { #{{{ error(sprintf(gettext("%s does not exist"), htmllink("", "", $page, noimageinline => 1))); } - - # Must be editiable. - IkiWiki::check_canedit($page, $q, $session); # Must exist on disk, and be a regular file. my $file=$pagesources{$page}; @@ -141,12 +138,20 @@ sub sessioncgi ($$) { #{{{ elsif (-l "$config{srcdir}/$file" && ! -f _) { error(sprintf(gettext("%s is not a file"), $file)); } + + # Must be editiable. + IkiWiki::check_canedit($page, $q, $session); + + # This is sorta overkill, but better safe + # than sorry. If a user can't upload an + # attachment, don't let them delete it. + if ($q->param("attachment")) { + IkiWiki::Plugin::attachment::check_canattach($session, $page, $file); + } push @files, IkiWiki::possibly_foolish_untaint($file); } - # TODO check attachment limits. - # Do removal, and update the wiki. require IkiWiki::Render; if ($config{rcs}) { -- 2.39.5