1 files changed, 7 insertions, 0 deletions

diff --git a/storage-backend/index.php b/storage-backend/index.php
index 8639499..eae06ef 100644
--- a/storage-backend/index.php
+++ b/storage-backend/index.php
@@ -81,6 +81,13 @@ switch ($method) {
           sendHttpReturnCodeAndJson(403, "The slot does not exist.");
         }
         
+        if ($config['delete_only_by_creator']) {
+          $slotParameters = loadSlotParameters($slotUUID, $config);
+          if ($slotParameters['user_jid'] != $userJid) {
+            sendHttpReturnCodeAndJson(403, "Deletion of that file is only allowed by the user created it.");
+          }
+        }
+        
         // generate delete token, register delete token
         $deleteToken = generate_uuid();
         registerDeleteToken($slotUUID, $filename, $deleteToken, $config);