versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2026-03-13 05:49:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(api): 🔒 Correctly check for note ownership when editing

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-11-19 17:26:14 +01:00
parent 653cf712ea
commit 9682cd0f99
No known key found for this signature in database
10 changed files with 40 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

2
api/objects/:id/index.ts
View file

@ -81,7 +81,7 @@ export default apiRoute((app) =>
foundAuthor = foundObject ? foundObject.author : null;
if (foundObject) {
if (!foundObject.isViewableByUser(null)) {
if (!(await foundObject.isViewableByUser(null))) {
return context.json({ error: "Object not found" }, 404);
}
} else {