diff options
| author | crupest <crupest@outlook.com> | 2022-03-23 21:30:14 +0800 |
|---|---|---|
| committer | crupest <crupest@outlook.com> | 2022-03-23 21:30:31 +0800 |
| commit | da9139b7bab95f6e5ba5f4bb2d99011c2d6db03a (patch) | |
| tree | 051fd4ca4bc511db7e04b019a33fddaab2d0cc6b /BackEnd/Timeline/Controllers/UserAvatarController.cs | |
| parent | 3d6c9fd916e18c99b3a5497b8313672680571b5e (diff) | |
| download | timeline-da9139b7bab95f6e5ba5f4bb2d99011c2d6db03a.tar.gz timeline-da9139b7bab95f6e5ba5f4bb2d99011c2d6db03a.tar.bz2 timeline-da9139b7bab95f6e5ba5f4bb2d99011c2d6db03a.zip | |
…
Diffstat (limited to 'BackEnd/Timeline/Controllers/UserAvatarController.cs')
| -rw-r--r-- | BackEnd/Timeline/Controllers/UserAvatarController.cs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/BackEnd/Timeline/Controllers/UserAvatarController.cs b/BackEnd/Timeline/Controllers/UserAvatarController.cs index 5b8c5cdf..072ab621 100644 --- a/BackEnd/Timeline/Controllers/UserAvatarController.cs +++ b/BackEnd/Timeline/Controllers/UserAvatarController.cs @@ -61,7 +61,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task<IActionResult> Put([FromRoute][Username] string username, [FromBody] ByteData body)
{
- if (!UserHasPermission(UserPermission.UserManagement) && GetUsername() != username)
+ if (!UserHasPermission(UserPermission.UserManagement) && !await CheckIsSelf(username))
{
return ForbidWithCommonResponse(Resource.MessageForbidNotAdministratorOrOwner);
}
@@ -91,7 +91,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task<IActionResult> Delete([FromRoute][Username] string username)
{
- if (!UserHasPermission(UserPermission.UserManagement) && User.Identity!.Name != username)
+ if (!UserHasPermission(UserPermission.UserManagement) && !await CheckIsSelf(username))
{
return ForbidWithCommonResponse(Resource.MessageForbidNotAdministratorOrOwner);
}
|