don't check title permissions if upload is destined for stash anyway

diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index 7af6818..c9ad283 100644 (file)
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -82,11 +82,15 @@ class ApiUpload extends ApiBase {
                // Check if the uploaded file is sane
                $this->verifyUpload();
 
-               // Check permission to upload this file
-               $permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
-               if ( $permErrors !== true ) {
-                       // TODO: stash the upload and allow choosing a new name
-                       $this->dieUsageMsg( array( 'badaccess-groups' ) );
+               // Check if the user has the rights to modify or overwrite the requested title
+               // (This check is irrelevant if stashing is already requested, since the errors
+               //  can always be fixed by changing the title)
+               if ( ! $this->mParams['stash'] ) {
+                       $permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
+                       if ( $permErrors !== true ) {
+                               // TODO: stash the upload and allow choosing a new name
+                               $this->dieUsageMsg( array( 'badaccess-groups' ) );
+                       }
                }
 
                // Prepare the API result