Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 20:16:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: use fediverse pseudo-user for webfinger privilege checks

Browse Source
This commit is contained in:
Julian Lam
2024-12-02 16:27:49 -05:00
parent d1c27b4d33
commit f32184b23e
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/controllers/well-known.js
View File

@@ -31,9 +31,9 @@ Controller.webfinger = async (req, res) => {
if (slug === hostname) {
response = application(response);
} else if (uid) {
response = await profile(req.uid, uid, response);
response = await profile(uid, response);
} else if (cid) {
response = await category(req.uid, cid, response);
response = await category(cid, response);
} else {
return res.sendStatus(404);
}
@@ -59,8 +59,8 @@ function application(response) {
return response;
}
async function profile(callerUid, uid, response) {
const canView = await privileges.global.can('view:users', callerUid);
async function profile(uid, response) {
const canView = await privileges.global.can('view:users', -2);
if (!canView) {
throw new Error('[[error:no-privileges]]');
}
@@ -90,8 +90,8 @@ async function profile(callerUid, uid, response) {
return response;
}
async function category(callerUid, cid, response) {
const canFind = await privileges.categories.can('find', cid, callerUid);
async function category(cid, response) {
const canFind = await privileges.categories.can('find', cid, -2);
if (!canFind) {
throw new Error('[[error:no-privileges]]');
}