teach/atsebay.t
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix bad Admin authorization handling
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
nemunaire 2022-09-16 11:37:55 +02:00
parent 73b33f9fb5
commit 99d58f69c2
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
keys.go
View File

@ -179,7 +179,7 @@ func keyHandler(c *gin.Context) {
if kid, err := strconv.Atoi(string(c.Param("kid"))); err != nil {
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad key identifier."})
return
} else if u.IsAdmin {
} else if c.MustGet("LoggedUser").(*User).IsAdmin {
if key, err := getKey(kid); err != nil {
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Key not found."})
return

2
repositories.go
View File

@ -319,7 +319,7 @@ func repositoryHandler(c *gin.Context) {
if rid, err := strconv.Atoi(string(c.Param("rid"))); err != nil {
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad repository identifier."})
return
} else if u.IsAdmin {
} else if c.MustGet("LoggedUser").(*User).IsAdmin {
if repository, err := getRepository(rid); err != nil {
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Repository not found."})
return