Made delete permissions a requirement for move operations

Closes #1200
2025-06-11 13:48:13 +03:00 · 2019-01-05 14:39:40 +00:00
parent 2317bf2350
commit a2087fe3ff
5 changed files with 65 additions and 6 deletions
--- a/app/Http/Controllers/ChapterController.php
+++ b/app/Http/Controllers/ChapterController.php
@ -161,6 +161,7 @@ class ChapterController extends Controller
        $chapter = $this->entityRepo->getBySlug('chapter', $chapterSlug, $bookSlug);
        $this->setPageTitle(trans('entities.chapters_move_named', ['chapterName' => $chapter->getShortName()]));
        $this->checkOwnablePermission('chapter-update', $chapter);
+        $this->checkOwnablePermission('chapter-delete', $chapter);
        return view('chapters/move', [
            'chapter' => $chapter,
            'book' => $chapter->book
@ -179,6 +180,7 @@ class ChapterController extends Controller
    {
        $chapter = $this->entityRepo->getBySlug('chapter', $chapterSlug, $bookSlug);
        $this->checkOwnablePermission('chapter-update', $chapter);
+        $this->checkOwnablePermission('chapter-delete', $chapter);

        $entitySelection = $request->get('entity_selection', null);
        if ($entitySelection === null || $entitySelection === '') {