Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-07-29 08:28:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Check if user owns level before unpublishing

Browse source
This commit is contained in:
jvyden 2021-10-31 19:06:58 -04:00
commit 8f7d536f50
No known key found for this signature in database
GPG key ID: 18BCF2BE0262B278
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ProjectLighthouse/Controllers/PublishController.cs
View file

@ -111,8 +111,13 @@ namespace LBPUnion.ProjectLighthouse.Controllers
[HttpPost("unpublish/{id:int}")]
public async Task<IActionResult> Unpublish(int id)
{
User user = await this.database.UserFromRequest(this.Request);
if (user == null) return this.StatusCode(403, "");
Slot slot = await this.database.Slots.Include(s => s.Location).FirstOrDefaultAsync(s => s.SlotId == id);
if (slot.CreatorId != user.UserId) return this.StatusCode(403, "");
this.database.Locations.Remove(slot.Location);
this.database.Slots.Remove(slot);