ryexandra 29037b4995 Security/fix permission bugs (#966) ... * secure the `EditPost` API endpoint * Check user is moderator in BanFromCommunity * secure the `EditComment` API endpoint * pass orig `read` prob when not explicitly updating it. * Block random users from adding mods. * use cleaner logic from `EditPost` * prevent editing a community by a mod from transfering ownership to them * secure `read` action in `EditPrivateMessage` * Add check in UserMention * only let the indended recipient mark as read * simplify booleans to satisfy clippy * requested changes + cargo +nightly fmt * fix to pass federation tests for deleting comments and posts Co-authored-by: chiminh <chiminh.tutanota.com> Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>		2020-07-14 09:17:25 -04:00
..
claims.rs	Split code into cargo workspaces (#67)	2020-07-10 18:15:41 +00:00
comment.rs	Security/fix permission bugs (#966)	2020-07-14 09:17:25 -04:00
community.rs	Security/fix permission bugs (#966)	2020-07-14 09:17:25 -04:00
mod.rs	Split code into cargo workspaces (#67)	2020-07-10 18:15:41 +00:00
post.rs	Security/fix permission bugs (#966)	2020-07-14 09:17:25 -04:00
site.rs	Split code into cargo workspaces (#67)	2020-07-10 18:15:41 +00:00
user.rs	Security/fix permission bugs (#966)	2020-07-14 09:17:25 -04:00