mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-28 02:36:50 +00:00
Update ComposeController, add permissions check
This commit is contained in:
parent
d39946b045
commit
75b0f2dda0
1 changed files with 3 additions and 0 deletions
|
@ -54,6 +54,7 @@ use App\Util\Lexer\Autolink;
|
||||||
use App\Util\Lexer\Extractor;
|
use App\Util\Lexer\Extractor;
|
||||||
use App\Util\Media\License;
|
use App\Util\Media\License;
|
||||||
use Image;
|
use Image;
|
||||||
|
use App\Services\UserRoleService;
|
||||||
|
|
||||||
class ComposeController extends Controller
|
class ComposeController extends Controller
|
||||||
{
|
{
|
||||||
|
@ -92,6 +93,7 @@ class ComposeController extends Controller
|
||||||
|
|
||||||
$user = Auth::user();
|
$user = Auth::user();
|
||||||
$profile = $user->profile;
|
$profile = $user->profile;
|
||||||
|
abort_if($user->has_roles && !UserRoleService::can('can-post', $user->id), 403, 'Invalid permissions for this action');
|
||||||
|
|
||||||
$limitKey = 'compose:rate-limit:media-upload:' . $user->id;
|
$limitKey = 'compose:rate-limit:media-upload:' . $user->id;
|
||||||
$limitTtl = now()->addMinutes(15);
|
$limitTtl = now()->addMinutes(15);
|
||||||
|
@ -184,6 +186,7 @@ class ComposeController extends Controller
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$user = Auth::user();
|
$user = Auth::user();
|
||||||
|
abort_if($user->has_roles && !UserRoleService::can('can-post', $user->id), 403, 'Invalid permissions for this action');
|
||||||
|
|
||||||
$limitKey = 'compose:rate-limit:media-updates:' . $user->id;
|
$limitKey = 'compose:rate-limit:media-updates:' . $user->id;
|
||||||
$limitTtl = now()->addMinutes(15);
|
$limitTtl = now()->addMinutes(15);
|
||||||
|
|
Loading…
Reference in a new issue