Fixup website content deletion permissions

2025-05-14 05:42:27 +00:00 · 2022-12-19 17:32:37 -06:00 · 2022-12-19 17:32:37 -06:00 · 1b69f6a0e0
commit 1b69f6a0e0
parent f4cad21061
2 changed files with 4 additions and 6 deletions
--- a/ProjectLighthouse.Servers.Website/Controllers/Moderator/ModerationRemovalController.cs
+++ b/ProjectLighthouse.Servers.Website/Controllers/Moderator/ModerationRemovalController.cs
@ -42,9 +42,7 @@ public class ModerationRemovalController : ControllerBase
            Score? score = await this.database.Scores.Include(s => s.Slot).FirstOrDefaultAsync(s => s.ScoreId == id);
            if (score == null) return null;
-            if (!user.IsModerator && score.Slot.CreatorId != user.UserId) return null;
+            return user.IsModerator ? score : null;
            return score;
        });
    }
@ -113,7 +111,7 @@ public class ModerationRemovalController : ControllerBase
            Photo? photo = await this.database.Photos.Include(p => p.Slot).FirstOrDefaultAsync(p => p.PhotoId == id);
            if (photo == null) return null;
-            if (!user.IsModerator && photo.Slot?.CreatorId != user.UserId) return null;
+            if (!user.IsModerator && photo.CreatorId != user.UserId) return null;
            return photo;
        });
--- a/ProjectLighthouse.Servers.Website/Pages/SlotPage.cshtml
+++ b/ProjectLighthouse.Servers.Website/Pages/SlotPage.cshtml
@ -122,7 +122,7 @@
                        @foreach (Photo photo in Model.Photos)
                        {
                            string width = isMobile ? "sixteen" : "eight";
-                            bool canDelete = Model.User != null && (Model.User.IsModerator || Model.User.UserId == photo.CreatorId || Model.User.UserId == Model.Slot?.SlotId);
+                            bool canDelete = Model.User != null && (Model.User.IsModerator || Model.User.UserId == photo.CreatorId);
                            <div class="@width wide column">
                                @await photo.ToHtml(Html, ViewData, language, timeZone, canDelete)
                            </div>
@ -147,7 +147,7 @@
                           "isMobile", isMobile
                       },
                       {
-                           "CanDelete", (Model.User?.IsModerator ?? false) || Model.Slot?.CreatorId == Model.User?.UserId
+                           "CanDelete", Model.User?.IsModerator ?? false
                       },
                   })
        </div>