From c9fd6de69e192a1fb8b24de44d6415104c4accec Mon Sep 17 00:00:00 2001
From: corentin-soriano
Date: Fri, 15 Nov 2024 16:34:08 +0100
Subject: [PATCH] Improve get_complixity_level access control.
---
 sources/items.queries.php | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/sources/items.queries.php b/sources/items.queries.php
index e87eada63..014f16377 100755
--- a/sources/items.queries.php
+++ b/sources/items.queries.php
@@ -4849,7 +4849,7 @@
 }
 // Get access level for this folder
- $accessLevel = 20;
+ $accessLevel = 0;
 if ($folder_is_personal === 0) {
 $arrTmp = [];
 foreach ($session->get('user-roles_array') as $role) {
@@ -4886,7 +4886,29 @@
 // 3.0.0.0 - changed MIN to MAX
 $accessLevel = count($arrTmp) > 0 ? max($arrTmp) : $accessLevel;
 } elseif ($folder_is_personal === 1) {
- $accessLevel = 30;
+
+ // Check if personal folder is owned by user
+ $folder_title = DB::queryFirstRow(
+ 'SELECT title
+ FROM ' . prefixTable('nested_tree') . '
+ WHERE id = %s AND title = %s',
+ $inputData['folderId'],
+ $session->get('user-id'),
+ );
+
+ if ($folder_title) $accessLevel = 30;
+ }
+
+ // Access is not allowed to this folder
+ if ($accessLevel === 0) {
+ echo (string) prepareExchangedData(
+ [
+ 'error' => true,
+ 'message' => $lang->get('error_not_allowed_to_access_this_folder'),
+ ],
+ 'encode'
+ );
+ break;
 }
 $returnValues = array(
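Review bot: The new default `$accessLevel = 0;` in the first hunk is now a deny sentinel that the later `if ($accessLevel === 0)` check depends on, but nothing at the assignment says so. I would add a comment such as `// 0 = no access (deny by default); raised only by a matching role or personal-folder ownership`. Because the later comparison is strict, it is also worth confirming that every value pushed into `$arrTmp` is an int; that loop's body is outside the hunk.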
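Review bot: The ownership test added under `elseif ($folder_is_personal === 1)` accepts a folder only when its `title` equals the session `user-id`, which appears to match just the root personal folder. If personal folders can hold sub-folders with free-form titles, those would now fall through to the `$accessLevel === 0` error, so confirm the intended scope or resolve ownership through the folder's ancestor instead of its own title. The `id` comparison would be stricter with the integer placeholder, `WHERE id = %i AND title = %s`, unless `$inputData['folderId']` is already cast earlier. `if ($folder_title) $accessLevel = 30;` should be braced, and the variable holds a row rather than a title, so a name like `$ownedFolder` reads better. The construct that the new `break;` leaves starts outside the hunk.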