* @return boolean
*/
public function canReply() {
- return !$this->isClosed && !$this->leftAt;
+ return !$this->isClosed && !$this->leftAt && WCF::getSession()->getPermission('user.conversation.canReplyToConversation');
}
/**
* @return boolean
*/
public function canEdit() {
- return (WCF::getUser()->userID == $this->userID && ($this->getConversation()->isDraft || WCF::getSession()->getPermission('user.conversation.canEditMessage')));
+ return (WCF::getUser()->userID == $this->userID &&
+ ($this->getConversation()->isDraft || WCF::getSession()->getPermission('user.conversation.canEditMessage'))
+ && $this->getConversation()->canReply());
}
/**
throw new PermissionDeniedException();
}
$conversation->loadUserParticipation();
- if (!$conversation->canRead()) {
+ if (!$conversation->canRead() || !$conversation->canReply()) {
throw new PermissionDeniedException();
}
}