Introduce MODIFY permission for external storages

3 files changed, 8 insertions, 7 deletions

diff --git a/apps/files_external/controller/globalstoragescontroller.php b/apps/files_external/controller/globalstoragescontroller.php
index 32408420039..7d97fdbb4f4 100644
--- a/apps/files_external/controller/globalstoragescontroller.php
+++ b/apps/files_external/controller/globalstoragescontroller.php
@@ -98,7 +98,7 @@ class GlobalStoragesController extends StoragesController {
 			return $newStorage;
 		}
 
-		$response = $this->validate($newStorage);
+		$response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
 		if (!empty($response)) {
 			return $response;
 		}
@@ -154,7 +154,7 @@ class GlobalStoragesController extends StoragesController {
 		}
 		$storage->setId($id);
 
-		$response = $this->validate($storage);
+		$response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
 		if (!empty($response)) {
 			return $response;
 		}
diff --git a/apps/files_external/controller/storagescontroller.php b/apps/files_external/controller/storagescontroller.php
index d99b8b5f2c5..46202c8ba4a 100644
--- a/apps/files_external/controller/storagescontroller.php
+++ b/apps/files_external/controller/storagescontroller.php
@@ -125,10 +125,11 @@ abstract class StoragesController extends Controller {
 	 * Validate storage config
 	 *
 	 * @param StorageConfig $storage storage config
+	 * @param int $permissionCheck permission to check
 	 *
 	 * @return DataResponse|null returns response in case of validation error
 	 */
-	protected function validate(StorageConfig $storage) {
+	protected function validate(StorageConfig $storage, $permissionCheck = BackendService::PERMISSION_CREATE) {
 		$mountPoint = $storage->getMountPoint();
 		if ($mountPoint === '' || $mountPoint === '/') {
 			return new DataResponse(
@@ -165,7 +166,7 @@ abstract class StoragesController extends Controller {
 			);
 		}
 
-		if (!$backend->isPermitted($this->getUserType(), BackendService::PERMISSION_CREATE)) {
+		if (!$backend->isPermitted($this->getUserType(), $permissionCheck)) {
 			// not permitted to use backend
 			return new DataResponse(
 				array(
@@ -176,7 +177,7 @@ abstract class StoragesController extends Controller {
 				Http::STATUS_UNPROCESSABLE_ENTITY
 			);
 		}
-		if (!$authMechanism->isPermitted($this->getUserType(), BackendService::PERMISSION_CREATE)) {
+		if (!$authMechanism->isPermitted($this->getUserType(), $permissionCheck)) {
 			// not permitted to use auth mechanism
 			return new DataResponse(
 				array(
diff --git a/apps/files_external/controller/userstoragescontroller.php b/apps/files_external/controller/userstoragescontroller.php
index 585ff8eeb00..801c9ab0aae 100644
--- a/apps/files_external/controller/userstoragescontroller.php
+++ b/apps/files_external/controller/userstoragescontroller.php
@@ -103,7 +103,7 @@ class UserStoragesController extends StoragesController {
 			return $newStorage;
 		}
 
-		$response = $this->validate($newStorage);
+		$response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
 		if (!empty($response)) {
 			return $response;
 		}
@@ -151,7 +151,7 @@ class UserStoragesController extends StoragesController {
 		}
 		$storage->setId($id);
 
-		$response = $this->validate($storage);
+		$response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
 		if (!empty($response)) {
 			return $response;
 		}