summaryrefslogtreecommitdiff
path: root/core
diff options
context:
space:
mode:
Diffstat (limited to 'core')
-rw-r--r--core/controllers/albums.php8
-rw-r--r--core/controllers/simple_uploader.php2
-rw-r--r--core/helpers/core_installer.php1
3 files changed, 6 insertions, 5 deletions
diff --git a/core/controllers/albums.php b/core/controllers/albums.php
index adf59c02..6b976163 100644
--- a/core/controllers/albums.php
+++ b/core/controllers/albums.php
@@ -75,7 +75,7 @@ class Albums_Controller extends Items_Controller {
* @see REST_Controller::_create($resource)
*/
public function _create($album) {
- access::required("edit", $album);
+ access::required("add", $album);
switch ($this->input->post("type")) {
case "album":
@@ -90,7 +90,7 @@ class Albums_Controller extends Items_Controller {
}
private function _create_album($album) {
- access::required("edit", $album);
+ access::required("add", $album);
$form = album::get_add_form($album);
if ($form->validate()) {
@@ -117,7 +117,7 @@ class Albums_Controller extends Items_Controller {
}
private function _create_photo($album) {
- access::required("edit", $album);
+ access::required("add", $album);
// If we set the content type as JSON, it triggers saving the result as
// a document in the browser (well, in Chrome at least).
@@ -185,7 +185,7 @@ class Albums_Controller extends Items_Controller {
*/
public function _form_add($album_id) {
$album = ORM::factory("item", $album_id);
- access::required("edit", $album);
+ access::required("add", $album);
switch ($this->input->get("type")) {
case "album":
diff --git a/core/controllers/simple_uploader.php b/core/controllers/simple_uploader.php
index 479082d5..8d8bbbc0 100644
--- a/core/controllers/simple_uploader.php
+++ b/core/controllers/simple_uploader.php
@@ -33,7 +33,7 @@ class Simple_Uploader_Controller extends Controller {
public function add_photo($id) {
$album = ORM::factory("item", $id);
- access::required("edit", $album);
+ access::required("add", $album);
access::verify_csrf();
$file_validation = new Validation($_FILES);
diff --git a/core/helpers/core_installer.php b/core/helpers/core_installer.php
index a933762a..724c0b92 100644
--- a/core/helpers/core_installer.php
+++ b/core/helpers/core_installer.php
@@ -192,6 +192,7 @@ class core_installer {
access::register_permission("view", "View");
access::register_permission("view_full", "View Full Size");
access::register_permission("edit", "Edit");
+ access::register_permission("add", "Add");
$root = ORM::factory("item");
$root->type = "album";
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-14 16:43:49 +0000