1 files changed, 10 insertions, 0 deletions

diff --git a/lib/plugins/acl/remote.php b/lib/plugins/acl/remote.php
index b10c544ee..42449428f 100644
--- a/lib/plugins/acl/remote.php
+++ b/lib/plugins/acl/remote.php
@@ -32,9 +32,14 @@ class remote_plugin_acl extends DokuWiki_Remote_Plugin {
      * @param string $scope
      * @param string $user
      * @param int    $level see also inc/auth.php
+     * @throws RemoteAccessDeniedException
      * @return bool
      */
     public function addAcl($scope, $user, $level){
+        if(!auth_isadmin()) {
+            throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
+        }
+
         /** @var admin_plugin_acl $apa */
         $apa = plugin_load('admin', 'acl');
         return $apa->_acl_add($scope, $user, $level);
@@ -45,9 +50,14 @@ class remote_plugin_acl extends DokuWiki_Remote_Plugin {
      *
      * @param string $scope
      * @param string $user
+     * @throws RemoteAccessDeniedException
      * @return bool
      */
     public function delAcl($scope, $user){
+        if(!auth_isadmin()) {
+            throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
+        }
+
         /** @var admin_plugin_acl $apa */
         $apa = plugin_load('admin', 'acl');
         return $apa->_acl_del($scope, $user);