FediMovies/fedimovies
1
1
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Activity

Check view permission when reposting a post

Browse source
This commit is contained in:
silverpill 2022-01-06 15:35:59 +00:00
parent 2d2ec704a2
commit ba52cf0be1
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/mastodon_api/statuses/views.rs
View file

@ -281,12 +281,16 @@ async fn reblog(
) -> Result<HttpResponse, HttpError> { ) -> Result<HttpResponse, HttpError> {
let db_client = &mut **get_database_client(&db_pool).await?; let db_client = &mut **get_database_client(&db_pool).await?;
let current_user = get_current_user(db_client, auth.token()).await?; let current_user = get_current_user(db_client, auth.token()).await?;
let mut post = get_post_by_id(db_client, &status_id).await?;
if !can_view_post(db_client, Some(&current_user), &post).await? {
return Err(HttpError::NotFoundError("post"));
};
let repost_data = PostCreateData { let repost_data = PostCreateData {
repost_of_id: Some(status_id), repost_of_id: Some(status_id),
..Default::default() ..Default::default()
}; };
let repost = create_post(db_client, &current_user.id, repost_data).await?; let repost = create_post(db_client, &current_user.id, repost_data).await?;
let mut post = get_post_by_id(db_client, &status_id).await?; post.repost_count += 1;
get_reposted_posts(db_client, vec![&mut post]).await?; get_reposted_posts(db_client, vec![&mut post]).await?;
get_actions_for_posts(db_client, &current_user.id, vec![&mut post]).await?; get_actions_for_posts(db_client, &current_user.id, vec![&mut post]).await?;