From 86cf600d9e8085ed6c4ff8fe841fe1a5b2375bf9 Mon Sep 17 00:00:00 2001
From: Bob Weinand <bobwei9@hotmail.com>
Date: Sun, 2 Feb 2020 14:24:03 +0100
Subject: [PATCH] [ticket/16363] Allow replying to locked topics if user has
 m_lock permissions

An user may not be able to edit - but lock and unlock.
It is terribly inconvenient for users being only able to un/lock threads to
have to first unlock a topic, then reply and then re-lock it.

Thus in reply mode we check for lock permissions instead of edit.

This also includes editing if the user could normally edit his post if it
weren't for the lock.

PHPBB3-16363
---
 phpBB/posting.php   | 2 +-
 phpBB/viewtopic.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/phpBB/posting.php b/phpBB/posting.php
index cdc19903fd..e09751e594 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -434,7 +434,7 @@ if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bum
 }
 
 // Forum/Topic locked?
-if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
+if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get($mode == 'reply' ? 'm_lock' : 'm_edit', $forum_id))
 {
 	trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
 }
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index df241a5e8b..3d9de55a84 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -1931,7 +1931,7 @@ for ($i = 0, $end = count($post_list); $i < $end; ++$i)
 
 	$s_cannot_edit = !$auth->acl_get('f_edit', $forum_id) || $user->data['user_id'] != $poster_id;
 	$s_cannot_edit_time = $config['edit_time'] && $row['post_time'] <= time() - ($config['edit_time'] * 60);
-	$s_cannot_edit_locked = $topic_data['topic_status'] == ITEM_LOCKED || $row['post_edit_locked'];
+	$s_cannot_edit_locked = ($topic_data['topic_status'] == ITEM_LOCKED && !$auth->acl_get('m_lock', $forum_id)) || $row['post_edit_locked'];
 
 	$s_cannot_delete = $user->data['user_id'] != $poster_id || (
 			!$auth->acl_get('f_delete', $forum_id) &&