gitea-mirror/zipline
1
0
Fork 0
mirror of https://github.com/diced/zipline.git synced 2025-12-05 20:40:12 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix: editing files that are owned by current user

Browse Source
This commit is contained in:
diced
2025-11-15 23:20:11 -08:00
parent d49afe60c8
commit b2db0c15a3
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/server/routes/api/user/files/[id]/index.ts
View File

@@ -39,7 +39,8 @@ export default fastifyPlugin(
}); });
if (!file) return res.notFound(); if (!file) return res.notFound();
if (!canInteract(req.user.role, file.User?.role ?? 'USER')) return res.notFound(); if (req.user.id !== file.User?.id && !canInteract(req.user.role, file.User?.role ?? 'USER'))
return res.notFound();
return res.send(file); return res.send(file);
}); });
@@ -56,7 +57,8 @@ export default fastifyPlugin(
}); });
if (!file) return res.notFound(); if (!file) return res.notFound();
if (!canInteract(req.user.role, file.User?.role ?? 'USER')) return res.notFound(); if (req.user.id !== file.User?.id && !canInteract(req.user.role, file.User?.role ?? 'USER'))
return res.notFound();
const data: Prisma.FileUpdateInput = {}; const data: Prisma.FileUpdateInput = {};