Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix auth check for short links
  • Loading branch information
regalijan committed Nov 1, 2024
1 parent 3b86510 commit abedaa8
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 5 deletions.
4 changes: 2 additions & 2 deletions app/routes/short-links.tsx
Expand Up @@ -32,9 +32,9 @@ export async function loader({ context }: { context: RequestContext }) {
});

if (
![0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
typeof [0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
(i) => context.data.current_user.permissions & (1 << i),
)
) === "undefined"
)
throw new Response(null, {
status: 403,
Expand Down
4 changes: 2 additions & 2 deletions app/routes/short-links_.create.tsx
Expand Up @@ -27,9 +27,9 @@ export async function loader({ context }: { context: RequestContext }) {
});

if (
![0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
typeof [0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
(i) => context.data.current_user.permissions & (1 << i),
)
) === "undefined"
)
throw new Response(null, {
status: 403,
Expand Down
4 changes: 3 additions & 1 deletion functions/api/short-links/_middleware.ts
Expand Up @@ -6,7 +6,9 @@ export async function onRequest(context: RequestContext) {
if (!user) return jsonError("Unauthorized", 401);

if (
![0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find((i) => user.permissions & (1 << i))
typeof [0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
(i) => user.permissions & (1 << i),
) === "undefined"
)
return jsonError("Forbidden", 403);

Expand Down

0 comments on commit abedaa8

Please sign in to comment.