diff options
| author | crupest <crupest@outlook.com> | 2020-02-02 22:37:47 +0800 |
|---|---|---|
| committer | crupest <crupest@outlook.com> | 2020-02-02 22:37:47 +0800 |
| commit | c4fcf37d6018a0a0408920593fbfb7c01af96859 (patch) | |
| tree | 38f99c0b8631d34facfe81c23bab274168643040 /Timeline/Controllers/PersonalTimelineController.cs | |
| parent | b9dc0062241f4dcf5221808d97a7e4c337a8b6cc (diff) | |
| download | timeline-c4fcf37d6018a0a0408920593fbfb7c01af96859.tar.gz timeline-c4fcf37d6018a0a0408920593fbfb7c01af96859.tar.bz2 timeline-c4fcf37d6018a0a0408920593fbfb7c01af96859.zip | |
...
Diffstat (limited to 'Timeline/Controllers/PersonalTimelineController.cs')
| -rw-r--r-- | Timeline/Controllers/PersonalTimelineController.cs | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index 842da015..8cf098bf 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -28,7 +28,7 @@ namespace Timeline.Controllers [HttpGet("users/{username}/timeline")]
public async Task<ActionResult<TimelineInfo>> TimelineGet([FromRoute][Username] string username)
{
- return (await _service.GetTimeline(username)).FillLinks(Url);
+ return (await _service.GetTimeline(username)).FillLinksForPersonalTimeline(Url);
}
[HttpGet("users/{username}/timeline/posts")]
@@ -79,12 +79,12 @@ namespace Timeline.Controllers [Authorize]
public async Task<ActionResult<TimelineInfo>> TimelinePatch([FromRoute][Username] string username, [FromBody] TimelinePatchRequest body)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
await _service.ChangeProperty(username, body);
- var timeline = (await _service.GetTimeline(username)).FillLinks(Url);
+ var timeline = (await _service.GetTimeline(username)).FillLinksForPersonalTimeline(Url);
return Ok(timeline);
}
@@ -92,7 +92,7 @@ namespace Timeline.Controllers [Authorize]
public async Task<ActionResult> TimelineMemberPut([FromRoute][Username] string username, [FromRoute][Username] string member)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
@@ -112,7 +112,7 @@ namespace Timeline.Controllers [Authorize]
public async Task<ActionResult> TimelineMemberDelete([FromRoute][Username] string username, [FromRoute][Username] string member)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
|