From 2cc36096fb713b5c519345ff9963120545abfcca Mon Sep 17 00:00:00 2001
From: Marc Ole Bulling <Marc-Ole@gmx.de>
Date: Tue, 17 Dec 2024 15:55:00 +0100
Subject: [PATCH] Added env variable GOKAPI_DISABLE_REPLACE to displace replace
 feature, until user permissions are added

---
 internal/webserver/api/Api.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/internal/webserver/api/Api.go b/internal/webserver/api/Api.go
index 4ec34c0..fd97738 100644
--- a/internal/webserver/api/Api.go
+++ b/internal/webserver/api/Api.go
@@ -11,6 +11,7 @@ import (
 	"github.com/forceu/gokapi/internal/webserver/fileupload"
 	"io"
 	"net/http"
+	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -390,6 +391,11 @@ func replaceFile(w http.ResponseWriter, request apiRequest) {
 		sendError(w, http.StatusBadRequest, err.Error())
 		return
 	}
+	// TODO remove with 2.0 once user control has been added
+	if os.Getenv("GOKAPI_DISABLE_REPLACE") != "" {
+		sendError(w, http.StatusUnauthorized, "Replace file is disabled")
+		return
+	}
 	modifiedFile, err := storage.ReplaceFile(request.fileInfo.id, request.filemodInfo.idNewContent, request.filemodInfo.deleteNewFile)
 	if err != nil {
 		switch {