From 14fd01b464033115718d6cd330b7c54571fee9db Mon Sep 17 00:00:00 2001 From: Marcel Klehr Date: Tue, 24 Dec 2024 09:32:56 +0100 Subject: [PATCH] fix(FoldersController): Refactor addToFolder Signed-off-by: Marcel Klehr --- lib/Controller/FoldersController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Controller/FoldersController.php b/lib/Controller/FoldersController.php index ee83f97f6..4816011b7 100644 --- a/lib/Controller/FoldersController.php +++ b/lib/Controller/FoldersController.php @@ -221,7 +221,7 @@ public function getFolder($folderId): JSONResponse { * @throws UnauthenticatedError */ public function addToFolder($folderId, $bookmarkId): JSONResponse { - if (!Authorizer::hasPermission(Authorizer::PERM_WRITE, $this->authorizer->getPermissionsForFolder($folderId, $this->request)) && + if (!Authorizer::hasPermission(Authorizer::PERM_WRITE, $this->authorizer->getPermissionsForFolder($folderId, $this->request)) || !Authorizer::hasPermission(Authorizer::PERM_EDIT, $this->authorizer->getPermissionsForBookmark($bookmarkId, $this->request))) { $res = new JSONResponse(['status' => 'error', 'data' => ['Not found']], Http::STATUS_NOT_FOUND); $res->throttle();