diff options
| -rw-r--r-- | lib/plugins/acl/remote.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/plugins/acl/remote.php b/lib/plugins/acl/remote.php index b10c544ee..42449428f 100644 --- a/lib/plugins/acl/remote.php +++ b/lib/plugins/acl/remote.php @@ -32,9 +32,14 @@ class remote_plugin_acl extends DokuWiki_Remote_Plugin { * @param string $scope * @param string $user * @param int $level see also inc/auth.php + * @throws RemoteAccessDeniedException * @return bool */ public function addAcl($scope, $user, $level){ + if(!auth_isadmin()) { + throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114); + } + /** @var admin_plugin_acl $apa */ $apa = plugin_load('admin', 'acl'); return $apa->_acl_add($scope, $user, $level); @@ -45,9 +50,14 @@ class remote_plugin_acl extends DokuWiki_Remote_Plugin { * * @param string $scope * @param string $user + * @throws RemoteAccessDeniedException * @return bool */ public function delAcl($scope, $user){ + if(!auth_isadmin()) { + throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114); + } + /** @var admin_plugin_acl $apa */ $apa = plugin_load('admin', 'acl'); return $apa->_acl_del($scope, $user); |