yetangitu/Peertube
1
0
Fork 0
mirror of https://github.com/Chocobozzz/PeerTube.git synced 2025-10-04 02:09:37 +02:00
Code Issues Releases Wiki Activity

Improve AP actor checks

Browse source
This commit is contained in:
Chocobozzz 2018-09-19 15:47:55 +02:00
parent e587e0ecee
commit 12ba460e9e
No known key found for this signature in database
GPG key ID: 583A612D890159BE
5 changed files with 30 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

4
server/lib/activitypub/process/process-delete.ts
View file

@ -94,6 +94,10 @@ function processDeleteVideoComment (byActor: ActorModel, videoComment: VideoComm
logger.debug('Removing remote video comment "%s".', videoComment.url)
return sequelizeTypescript.transaction(async t => {
if (videoComment.Account.id !== byActor.Account.id) {
throw new Error('Account ' + byActor.url + ' does not own video comment ' + videoComment.url)
}
await videoComment.destroy({ transaction: t })
if (videoComment.Video.isOwned()) {