tmp use cannot reply others
This commit is contained in:
@@ -118,6 +118,9 @@ pub async fn add_comment(
|
|||||||
rconn: RdsConn,
|
rconn: RdsConn,
|
||||||
) -> JsonApi {
|
) -> JsonApi {
|
||||||
let mut p = Post::get(&db, &rconn, pid).await?;
|
let mut p = Post::get(&db, &rconn, pid).await?;
|
||||||
|
if p.author_hash != user.namehash {
|
||||||
|
user.id.ok_or(YouAreTmp)?;
|
||||||
|
}
|
||||||
let use_title = ci.use_title.is_some() || user.is_admin || user.is_candidate;
|
let use_title = ci.use_title.is_some() || user.is_admin || user.is_candidate;
|
||||||
let c = Comment::create(
|
let c = Comment::create(
|
||||||
&db,
|
&db,
|
||||||
|
|||||||
@@ -172,7 +172,7 @@ impl<'r> Responder<'r, 'static> for ApiError {
|
|||||||
PolicyError::TitleUsed => "头衔已被使用",
|
PolicyError::TitleUsed => "头衔已被使用",
|
||||||
PolicyError::TitleProtected => "头衔处于保护期",
|
PolicyError::TitleProtected => "头衔处于保护期",
|
||||||
PolicyError::InvalidTitle => "头衔包含不允许的符号",
|
PolicyError::InvalidTitle => "头衔包含不允许的符号",
|
||||||
PolicyError::YouAreTmp => "临时用户只可发布内容和进入单个洞",
|
PolicyError::YouAreTmp => "临时用户只可发布内容",
|
||||||
PolicyError::NoReason => "未填写理由",
|
PolicyError::NoReason => "未填写理由",
|
||||||
PolicyError::UnknownPushEndpoint => "未知的浏览器推送地址",
|
PolicyError::UnknownPushEndpoint => "未知的浏览器推送地址",
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -143,6 +143,7 @@ pub async fn ps2outputs(
|
|||||||
|
|
||||||
#[get("/getone?<pid>")]
|
#[get("/getone?<pid>")]
|
||||||
pub async fn get_one(pid: i32, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonApi {
|
pub async fn get_one(pid: i32, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonApi {
|
||||||
|
user.id.ok_or(YouAreTmp)?;
|
||||||
let p = Post::get(&db, &rconn, pid).await?;
|
let p = Post::get(&db, &rconn, pid).await?;
|
||||||
p.check_permission(&user, "ro")?;
|
p.check_permission(&user, "ro")?;
|
||||||
Ok(json!({
|
Ok(json!({
|
||||||
|
|||||||
Reference in New Issue
Block a user