v3: added a roles/permissions system, added user management tab on user profile
All checks were successful
Build and Publish Docker Image / build-and-push (push) Successful in 42s

This commit is contained in:
khannurien
2026-06-28 06:21:23 +00:00
parent b567e390d9
commit 810faaf21a
22 changed files with 341 additions and 60 deletions

View File

@@ -91,7 +91,7 @@ export function updateComment(
commentId: string,
body: string,
requestingUserId: string,
isAdmin: boolean,
canModerate: boolean,
): { comment: Comment; dumpId: string; isPrivate: boolean } {
const row = db.prepare(
`SELECT c.dump_id, d.is_private FROM comments c JOIN dumps d ON c.dump_id = d.id WHERE c.id = ?;`,
@@ -107,7 +107,7 @@ export function updateComment(
"Cannot edit a deleted comment",
);
}
if (existing.userId !== requestingUserId && !isAdmin) {
if (existing.userId !== requestingUserId && !canModerate) {
throw new APIException(
APIErrorCode.UNAUTHORIZED,
401,
@@ -143,7 +143,7 @@ export function updateComment(
export function deleteComment(
commentId: string,
requestingUserId: string,
isAdmin: boolean,
canModerate: boolean,
): { dumpId: string; isPrivate: boolean } {
const row = db.prepare(
`SELECT c.dump_id, d.is_private FROM comments c JOIN dumps d ON c.dump_id = d.id WHERE c.id = ?;`,
@@ -152,7 +152,7 @@ export function deleteComment(
throw new APIException(APIErrorCode.NOT_FOUND, 404, "Comment not found");
}
const comment = fetchComment(commentId);
if (comment.userId !== requestingUserId && !isAdmin) {
if (comment.userId !== requestingUserId && !canModerate) {
throw new APIException(
APIErrorCode.UNAUTHORIZED,
401,