From 46e955fd0c4a9b4edb7872a13217a818a5901e7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cornelius=20Wei=C3=9F?= <nelius_weiss@alumni.egroupware.org>
Date: Sun, 4 Dec 2005 22:06:02 +0000
Subject: [PATCH] fixed bug reported by jsantand:  deleting of resources by non
 priveleged users

---
 resources/inc/class.bo_resources.inc.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/resources/inc/class.bo_resources.inc.php b/resources/inc/class.bo_resources.inc.php
index 733cb98f40..ea38d51ef7 100755
--- a/resources/inc/class.bo_resources.inc.php
+++ b/resources/inc/class.bo_resources.inc.php
@@ -240,6 +240,11 @@ class bo_resources
 	 */
 	function delete($res_id)
 	{
+		if(!$this->acl->is_permitted($this->so->get_value('cat_id',$res_id),EGW_ACL_DELETE))
+		{
+			return lang('You are not permitted to delete this reource!');
+		}
+		
 		if ($this->so->delete(array('res_id'=>$res_id)))
 		{
 			$this->remove_picture($res_id);