eightequal/AstralRinth
1
0
Fork 0
forked from didirus/AstralRinth
Code Pull Requests Activity

Fix permissions checks for projects, fix gallery URLs (#321)

Browse Source
This commit is contained in:
Geometrically
2022-03-16 07:49:09 -07:00
committed by GitHub
parent 3883c509b9
commit 023663b268
4 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/routes/projects.rs
View File

@@ -96,17 +96,24 @@ struct DependencyInfo {
#[get("dependencies")]
pub async fn dependency_list(
req: HttpRequest,
info: web::Path<(String,)>,
pool: web::Data<PgPool>,
) -> Result<HttpResponse, ApiError> {
let string = info.into_inner().0;
let result =
database::models::Project::get_from_slug_or_project_id(string, &**pool)
database::models::Project::get_full_from_slug_or_project_id(&string, &**pool)
.await?;
let user_option = get_user_from_headers(req.headers(), &**pool).await.ok();
if let Some(project) = result {
let id = project.id;
if !is_authorized(&project, &user_option, &pool).await? {
return Ok(HttpResponse::NotFound().body(""));
}
let id = project.inner.id;
use futures::stream::TryStreamExt;