Patch for mpd tag v0.19.9 that allows unauthenticated users to enque files using the `file://' url scheme as long as the MPD daemon is able to read the files.

mpd-fileaccess_v0.19.9.patch

diff --git a/src/client/ClientFile.cxx b/src/client/ClientFile.cxx
index 3ea8034..0f75907 100644
--- a/src/client/ClientFile.cxx
+++ b/src/client/ClientFile.cxx
@@ -33,32 +33,23 @@ Client::AllowFile(Path path_fs, Error &error) const
 #ifdef WIN32
 	(void)path_fs;
 
-	error.Set(ack_domain, ACK_ERROR_PERMISSION, "Access denied");
+	error.Set(ack_domain, ACK_ERROR_PERMISSION, "Not Implemented.");
 	return false;
 #else
-	if (uid >= 0 && (uid_t)uid == geteuid())
-		/* always allow access if user runs his own MPD
-		   instance */
-		return true;
-
-	if (uid < 0) {
-		/* unauthenticated client */
-		error.Set(ack_domain, ACK_ERROR_PERMISSION, "Access denied");
-		return false;
-	}
-
 	struct stat st;
 	if (!StatFile(path_fs, st)) {
 		error.SetErrno();
 		return false;
 	}
 
-	if (st.st_uid != (uid_t)uid && (st.st_mode & 0444) != 0444) {
-		/* client is not owner */
-		error.Set(ack_domain, ACK_ERROR_PERMISSION, "Access denied");
-		return false;
-	}
-
-	return true;
+    /* Check if the file itself is readable. */
+    if ((geteuid() == st.st_uid && (st.st_mode & 0400) == 0400) ||
+        (getegid() == st.st_gid && (st.st_mode & 0040) == 0040) ||
+        ((st.st_mode & 0004) == 0004)) {
+        return true;
+    }
+    /* Otherwise, we can't read these files. */
+    error.Set(ack_domain, ACK_ERROR_PERMISSION, "Access denied.");
+    return false;
 #endif
 }