Check the permission when running the trash

modules/board/board.controller.php

@@ -297,10 +297,13 @@ class boardController extends board
 		if($this->module_info->trash_use == 'Y')
 		{
 			// move the trash
-			$output = $oDocumentController->moveDocumentToTrash($oDocument);
+			if($oDocument->isGranted() === true)
-			if(!$output->toBool())
 			{
-				return $output;
+				$output = $oDocumentController->moveDocumentToTrash($oDocument);
+				if(!$output->toBool())
+				{
+					return $output;
+				}
 			}
 		}
 		else

modules/trash/queries/getTrashList.xml

@@ -1,7 +1,10 @@
 <query id="getTrashList" action="select">
     <tables>
         <table name="trash" alias="T" />
-        <table name="member" alias="M" />
+        <table name="member" alias="M" type="left join" />
+	    <conditions>
+		    <condition operation="equal" column="T.remover_srl" default="M.member_srl" />
+	    </conditions>
     </tables>
     <columns>
         <column name="T.*" />
@@ -9,8 +12,7 @@
         <column name="M.nick_name" />
     </columns>
     <conditions>
-        <condition operation="equal" column="T.remover_srl" default="M.member_srl" notnull="notnull" />
+        <condition operation="in" column="trash_srl" var="trashSrl" filter="number" />
-        <condition operation="in" column="trash_srl" var="trashSrl" filter="number" pipe="and" />
         <condition operation="in" column="origin_module" var="originModule" pipe="and" />
         <group pipe="and">
             <condition operation="like" column="T.title" var="s_title" />

modules/trash/trash.admin.controller.php

@@ -17,15 +17,6 @@ class trashAdminController extends trash
 	 */
 	function insertTrash($obj)
 	{
-		if(!Context::get('is_logged'))
-		{
-			$trash_array = unserialize($obj->serializedObject);
-			if($_SERVER['REMOTE_ADDR'] !== $trash_array['ipaddress'])
-			{
-				return new Object(-1, 'msg_not_permitted');
-			}
-		}
-
 		$logged_info = Context::get('logged_info');
 
 		$oTrashVO = new TrashVO();