diff options
| author | crupest <crupest@outlook.com> | 2020-03-11 17:25:39 +0800 |
|---|---|---|
| committer | crupest <crupest@outlook.com> | 2020-03-11 17:25:39 +0800 |
| commit | a908d22253b7d6cb5f07eecf5b35c64e4bab0390 (patch) | |
| tree | f67996f329a5e5d5683470db84db65828d96869e /Timeline/Controllers/TimelineController.cs | |
| parent | 706eb877178d9c7f41b93927dedfc6c7ff27b7fd (diff) | |
| download | timeline-a908d22253b7d6cb5f07eecf5b35c64e4bab0390.tar.gz timeline-a908d22253b7d6cb5f07eecf5b35c64e4bab0390.tar.bz2 timeline-a908d22253b7d6cb5f07eecf5b35c64e4bab0390.zip | |
New logic for HasPostModifyPermission
Diffstat (limited to 'Timeline/Controllers/TimelineController.cs')
| -rw-r--r-- | Timeline/Controllers/TimelineController.cs | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/Timeline/Controllers/TimelineController.cs b/Timeline/Controllers/TimelineController.cs index 440b0d19..d21603cd 100644 --- a/Timeline/Controllers/TimelineController.cs +++ b/Timeline/Controllers/TimelineController.cs @@ -189,12 +189,12 @@ namespace Timeline.Controllers [Authorize]
public async Task<ActionResult<CommonDeleteResponse>> PostDelete([FromRoute][GeneralTimelineName] string name, [FromRoute] long id)
{
+ if (!this.IsAdministrator() && !await _service.HasPostModifyPermission(name, id, this.GetUserId()))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
try
{
- if (!this.IsAdministrator() && !await _service.HasPostModifyPermission(name, id, this.GetUserId()))
- {
- return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
- }
await _service.DeletePost(name, id);
return CommonDeleteResponse.Delete();
}
|