colin
/
sharded-gotify
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check ownership of app on GetMessagesWithToken

This commit is contained in:
Jannis Mattheis 2018-03-10 21:32:45 +01:00 committed by Jannis Mattheis
parent 98df7501f6
commit 4078358aaa
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/message.go
View File

@ -43,8 +43,12 @@ func (a *MessageAPI) GetMessages(ctx *gin.Context) {
// GetMessagesWithApplication returns all messages from a specific application. // GetMessagesWithApplication returns all messages from a specific application.
func (a *MessageAPI) GetMessagesWithApplication(ctx *gin.Context) { func (a *MessageAPI) GetMessagesWithApplication(ctx *gin.Context) {
withID(ctx, "appid", func(id uint) { withID(ctx, "appid", func(id uint) {
messages := a.DB.GetMessagesByApplication(id) if app := a.DB.GetApplicationByID(id); app != nil && app.UserID == auth.GetUserID(ctx) {
ctx.JSON(200, messages) messages := a.DB.GetMessagesByApplication(id)
ctx.JSON(200, messages)
} else {
ctx.AbortWithError(404, errors.New("application does not exist"))
}
}) })
} }