From 676a9958895a77de340565e7a0b17ae744664904 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 10 Mar 2026 10:22:39 +0000
Subject: [PATCH] Use update check for files controller api

---
 app/Http/Controllers/Api/UploadedFilesController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/UploadedFilesController.php b/app/Http/Controllers/Api/UploadedFilesController.php
index 3ebae75003..98220972ed 100644
--- a/app/Http/Controllers/Api/UploadedFilesController.php
+++ b/app/Http/Controllers/Api/UploadedFilesController.php
@@ -93,7 +93,7 @@ class UploadedFilesController extends Controller
 
         // Check the permissions to make sure the user can view the object
         $object = self::$map_object_type[$object_type]::withTrashed()->find($id);
-        $this->authorize('view', $object);
+        $this->authorize('update', $object);
 
         if (!$object) {
             return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_object')));