haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-02 07:27:04 +00:00
Code Issues Releases Wiki Activity

modify file comment permission (#3116)

Browse Source
This commit is contained in:
王健辉
2019-03-15 14:47:34 +08:00
committed by Daniel Pan
parent c8013bb4fb
commit 3a8aa8c887
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
seahub/api2/endpoints/file_comment.py
View File

@@ -16,6 +16,7 @@ from seahub.avatar.settings import AVATAR_DEFAULT_SIZE
from seahub.base.models import FileComment from seahub.base.models import FileComment
from seahub.utils.repo import is_repo_owner from seahub.utils.repo import is_repo_owner
from seahub.views import check_folder_permission from seahub.views import check_folder_permission
from seahub.constants import PERMISSION_READ_WRITE
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -87,8 +88,7 @@ class FileCommentView(APIView):
return api_error(status.HTTP_404_NOT_FOUND, error_msg) return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check # permission check
username = request.user.username if check_folder_permission(request, repo_id, '/') != PERMISSION_READ_WRITE:
if username != file_comment.author and not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.' error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)