michael/pyfedi
1
0
Fork 0
mirror of https://codeberg.org/rimu/pyfedi synced 2025-01-23 19:36:56 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'origin/main'

Browse source
This commit is contained in:
rimu 2024-10-14 12:35:38 +13:00
commit d8c75991cd
3 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/api/alpha/utils/reply.py
View file

@ -125,7 +125,9 @@ def post_reply(auth, data):
body = data['body'] body = data['body']
post_id = data['post_id'] post_id = data['post_id']
parent_id = data['parent_id'] if 'parent_id' in data else None parent_id = data['parent_id'] if 'parent_id' in data else None
language_id = data['language_id'] if 'language_id' in data else 2 language_id = data['language_id'] if 'language_id' in data else 2 # FIXME: use site language
if language_id < 2:
language_id = 2 # FIXME: use site language
input = {'body': body, 'notify_author': True, 'language_id': language_id} input = {'body': body, 'notify_author': True, 'language_id': language_id}
post = Post.query.get(post_id) post = Post.query.get(post_id)
@ -145,7 +147,9 @@ def put_reply(auth, data):
reply_id = data['comment_id'] reply_id = data['comment_id']
body = data['body'] if 'body' in data else '' body = data['body'] if 'body' in data else ''
language_id = data['language_id'] if 'language_id' in data else 2 language_id = data['language_id'] if 'language_id' in data else 2 # FIXME: use site language
if language_id < 2:
language_id = 2 # FIXME: use site language
input = {'body': body, 'notify_author': True, 'language_id': language_id} input = {'body': body, 'notify_author': True, 'language_id': language_id}
reply = PostReply.query.get(reply_id) reply = PostReply.query.get(reply_id)

2
app/shared/reply.py
View file

@ -352,7 +352,7 @@ def make_reply(input, post, parent_id, src, auth=None):
def edit_reply(input, reply, post, src, auth=None): def edit_reply(input, reply, post, src, auth=None):
if src == SRC_API: if src == SRC_API:
user = authorise_api_user(auth, return_type='model') user = authorise_api_user(auth, return_type='model', id_match=reply.user_id)
content = input['body'] content = input['body']
notify_author = input['notify_author'] notify_author = input['notify_author']
language_id = input['language_id'] language_id = input['language_id']

6
app/utils.py
View file

@ -1281,7 +1281,7 @@ def add_to_modlog_activitypub(action: str, actor: User, community_id: int = None
db.session.commit() db.session.commit()
def authorise_api_user(auth, return_type='id'): def authorise_api_user(auth, return_type=None, id_match=None):
if not auth: if not auth:
raise Exception('incorrect_login') raise Exception('incorrect_login')
token = auth[7:] # remove 'Bearer ' token = auth[7:] # remove 'Bearer '
@ -1293,7 +1293,9 @@ def authorise_api_user(auth, return_type='id'):
issued_at = decoded['iat'] # use to check against blacklisted JWTs issued_at = decoded['iat'] # use to check against blacklisted JWTs
user = User.query.filter_by(id=user_id, ap_id=None, verified=True, banned=False, deleted=False).scalar() user = User.query.filter_by(id=user_id, ap_id=None, verified=True, banned=False, deleted=False).scalar()
if user: if user:
if return_type == 'model': if id_match and user.id != id_match:
raise Exception('incorrect_login')
if return_type and return_type == 'model':
return user return user
else: else:
return user.id return user.id