From 496f7f94482e6ce5257f48533798a130ca1834fb Mon Sep 17 00:00:00 2001
From: Marcel Werk <burntime@woltlab.com>
Date: Thu, 27 Oct 2016 18:32:43 +0200
Subject: [PATCH] admin can always delete attachments (unless they are private)

---
 .../files/lib/data/attachment/AttachmentAction.class.php     | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/wcfsetup/install/files/lib/data/attachment/AttachmentAction.class.php b/wcfsetup/install/files/lib/data/attachment/AttachmentAction.class.php
index 5be8905821..ba95255583 100644
--- a/wcfsetup/install/files/lib/data/attachment/AttachmentAction.class.php
+++ b/wcfsetup/install/files/lib/data/attachment/AttachmentAction.class.php
@@ -72,7 +72,10 @@ class AttachmentAction extends AbstractDatabaseObjectAction implements ISortable
 				}
 			}
 			else if (!$attachment->canDelete()) {
-				throw new PermissionDeniedException();
+				// admin can always delete attachments (unless they are private)
+				if (!WCF::getSession()->getPermission('admin.attachment.canManageAttachment') || ObjectTypeCache::getInstance()->getObjectType($attachment->objectTypeID)->private) {
+					throw new PermissionDeniedException();
+				}
 			}
 		}
 	}
-- 
2.20.1