liz/PluralKit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(apiv2): correctly apply privacy settings on switch get

Browse Source
This commit is contained in:
spiral
2021-10-12 06:18:54 -04:00
parent e2a56a198f
commit c164fad2ac
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
PluralKit.API/Controllers/v2/SwitchControllerV2.cs
View File

@@ -105,13 +105,13 @@ namespace PluralKit.API
if (system == null)
throw APIErrors.SystemNotFound;
var sw = await _repo.GetSwitchByUuid(switchId);
if (sw == null || system.Id != sw.System)
throw APIErrors.SwitchNotFound;
var ctx = this.ContextFor(system);
if (!system.FrontHistoryPrivacy.CanAccess(ctx))
throw APIErrors.UnauthorizedFrontHistory;
var sw = await _repo.GetSwitchByUuid(switchId);
if (sw == null)
throw APIErrors.SwitchNotFound;
var members = _db.Execute(conn => _repo.GetSwitchMembers(conn, sw.Id));

2
PluralKit.API/Errors.cs
View File

@@ -46,7 +46,7 @@ namespace PluralKit.API
public static PKError MemberNotFound = new(404, 20002, "Member not found.");
public static PKError GroupNotFound = new(404, 20003, "Group not found.");
public static PKError MessageNotFound = new(404, 20004, "Message not found.");
public static PKError SwitchNotFound = new(404, 20005, "Switch not found.");
public static PKError SwitchNotFound = new(404, 20005, "Switch not found, switch is associated to different system, or unauthorized to view front history.");
public static PKError UnauthorizedMemberList = new(403, 30001, "Unauthorized to view member list");
public static PKError UnauthorizedGroupList = new(403, 30002, "Unauthorized to view group list");
public static PKError UnauthorizedGroupMemberList = new(403, 30003, "Unauthorized to view group member list");