diff options
| author | Greg Roach <greg@subaqua.co.uk> | 2021-10-20 10:38:40 +0100 |
|---|---|---|
| committer | Greg Roach <greg@subaqua.co.uk> | 2021-10-20 10:38:40 +0100 |
| commit | 52ed2878d1c7187d71305bbff65f608ca6820a24 (patch) | |
| tree | f8cc089f061167072196fe673d15bcfeff6b0e1a /app/Http/RequestHandlers/EditMediaFileAction.php | |
| parent | fa5cbab582a76bfbb910725460daa14f29daa561 (diff) | |
| download | webtrees-52ed2878d1c7187d71305bbff65f608ca6820a24.tar.gz webtrees-52ed2878d1c7187d71305bbff65f608ca6820a24.tar.bz2 webtrees-52ed2878d1c7187d71305bbff65f608ca6820a24.zip | |
Use Auth class to check authorization
Diffstat (limited to 'app/Http/RequestHandlers/EditMediaFileAction.php')
| -rw-r--r-- | app/Http/RequestHandlers/EditMediaFileAction.php | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/app/Http/RequestHandlers/EditMediaFileAction.php b/app/Http/RequestHandlers/EditMediaFileAction.php index 63540f39ce..32928c9ff2 100644 --- a/app/Http/RequestHandlers/EditMediaFileAction.php +++ b/app/Http/RequestHandlers/EditMediaFileAction.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Auth; use Fisharebest\Webtrees\FlashMessages; use Fisharebest\Webtrees\Html; use Fisharebest\Webtrees\I18N; @@ -90,16 +91,12 @@ class EditMediaFileAction implements RequestHandlerInterface $title = $params['title'] ?? ''; $type = $params['type'] ?? ''; $media = Registry::mediaFactory()->make($xref, $tree); + $media = Auth::checkMediaAccess($media, true); // Tidy non-printing characters $type = trim(preg_replace('/\s+/', ' ', $type)); $title = trim(preg_replace('/\s+/', ' ', $title)); - // Media object oes not exist? Media object is read-only? - if ($media === null || $media->isPendingDeletion() || !$media->canEdit()) { - return redirect(route(TreePage::class, ['tree' => $tree->name()])); - } - // Find the fact to edit $media_file = $media->mediaFiles() ->first(static function (MediaFile $media_file) use ($fact_id): bool { |
