mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-09 16:24:51 +00:00
Fix api endpoints
This commit is contained in:
parent
fd7f5dbba1
commit
62b9eef805
2 changed files with 3 additions and 2 deletions
|
@ -956,8 +956,7 @@ class ApiV1Controller extends Controller
|
|||
*/
|
||||
public function accountRelationshipsById(Request $request)
|
||||
{
|
||||
abort_if(!$request->user() || !$request->user()->token(), 403);
|
||||
abort_unless($request->user()->tokenCan('read'), 403);
|
||||
abort_if(!$request->user(), 403);
|
||||
|
||||
$this->validate($request, [
|
||||
'id' => 'required|array|min:1|max:20',
|
||||
|
|
|
@ -260,6 +260,8 @@ class ComposeController extends Controller
|
|||
$q = mb_substr($q, 1);
|
||||
}
|
||||
|
||||
$user = $request->user();
|
||||
|
||||
abort_if($user->has_roles && !UserRoleService::can('can-post', $user->id), 403, 'Invalid permissions for this action');
|
||||
|
||||
$blocked = UserFilter::whereFilterableType('App\Profile')
|
||||
|
|
Loading…
Reference in a new issue