diff --git a/modules/media/ajax/FileUpload.php b/modules/media/ajax/FileUpload.php
index a29213932be..c23cd9d7133 100644
--- a/modules/media/ajax/FileUpload.php
+++ b/modules/media/ajax/FileUpload.php
@@ -16,7 +16,7 @@
 if (isset($_GET['action'])) {
     $action = $_GET['action'];
     if ($action == "getData") {
-        echo json_encode(getUploadFields());
+        viewData();
     } else if ($action == "upload") {
         uploadFile();
     } else if ($action == "edit") {
@@ -178,6 +178,21 @@ function uploadFile()
     }
 }
 
+/**
+ * Handles the media view data process
+ *
+ * @return void
+ */
+function viewData()
+{
+    $user =& User::singleton();
+    if (!$user->hasPermission('media_read')) {
+        header("HTTP/1.1 403 Forbidden");
+        exit;
+    }
+    echo json_encode(getUploadFields());
+}
+
 /**
  * Returns a list of fields from database
  *