mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-26 19:31:05 +00:00
Removing checking permissions when editing posts and comments. (#2727)
* Removing checking permissions when editing posts and comments. Fixes #2714 * Running cargo fmt again. * Adding back in community ban checks.
This commit is contained in:
parent
956d0aa52f
commit
8a27978ee1
2 changed files with 1 additions and 12 deletions
|
@ -5,8 +5,6 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
utils::{
|
||||
check_community_ban,
|
||||
check_community_deleted_or_removed,
|
||||
check_post_deleted_or_removed,
|
||||
get_local_user_view_from_jwt,
|
||||
is_mod_or_admin,
|
||||
local_site_to_slur_regex,
|
||||
|
@ -50,15 +48,12 @@ impl PerformCrud for EditComment {
|
|||
let comment_id = data.comment_id;
|
||||
let orig_comment = CommentView::read(context.pool(), comment_id, None).await?;
|
||||
|
||||
// TODO is this necessary? It should really only need to check on create
|
||||
check_community_ban(
|
||||
local_user_view.person.id,
|
||||
orig_comment.community.id,
|
||||
context.pool(),
|
||||
)
|
||||
.await?;
|
||||
check_community_deleted_or_removed(orig_comment.community.id, context.pool()).await?;
|
||||
check_post_deleted_or_removed(&orig_comment.post)?;
|
||||
|
||||
// Verify that only the creator can edit
|
||||
if local_user_view.person.id != orig_comment.creator.id {
|
||||
|
|
|
@ -4,12 +4,7 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
post::{EditPost, PostResponse},
|
||||
request::fetch_site_data,
|
||||
utils::{
|
||||
check_community_ban,
|
||||
check_community_deleted_or_removed,
|
||||
get_local_user_view_from_jwt,
|
||||
local_site_to_slur_regex,
|
||||
},
|
||||
utils::{check_community_ban, get_local_user_view_from_jwt, local_site_to_slur_regex},
|
||||
websocket::{send::send_post_ws_message, UserOperationCrud},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
|
@ -68,7 +63,6 @@ impl PerformCrud for EditPost {
|
|||
context.pool(),
|
||||
)
|
||||
.await?;
|
||||
check_community_deleted_or_removed(orig_post.community_id, context.pool()).await?;
|
||||
|
||||
// Verify that only the creator can edit
|
||||
if !Post::is_post_creator(local_user_view.person.id, orig_post.creator_id) {
|
||||
|
|
Loading…
Reference in a new issue