Backup_Repos/komga
1
0
Fork 0
mirror of https://github.com/gotson/komga.git synced 2025-12-20 07:23:34 +01:00
Code Issues Projects Releases Wiki Activity

fix(api): prevent retrieving own user activity in demo profile

Browse source 
closes #643
This commit is contained in:
Gauthier Roebroeck 2021-09-01 11:56:15 +08:00
parent 619e51bdcd
commit 59c187f3b7
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
komga/src/main/kotlin/org/gotson/komga/interfaces/rest/UserController.kt
View file

@ -161,6 +161,7 @@ class UserController(
@RequestParam(name = "unpaged", required = false) unpaged: Boolean = false,
@Parameter(hidden = true) page: Pageable,
): Page<AuthenticationActivityDto> {
if (demo && !principal.user.roleAdmin) throw ResponseStatusException(HttpStatus.FORBIDDEN)
val sort =
if (page.sort.isSorted) page.sort
else Sort.by(Sort.Order.desc("dateTime"))