hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CommonAPI: Prevent users from accessing media of other users

Browse source 
commit 1afde067b1 upstream.
This commit is contained in:
Mint 2023-09-02 01:43:25 +03:00 committed by Haelwenn (lanodan) Monnier
commit 535a5ecad0
9 changed files with 85 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/pleroma/web/common_api/activity_draft.ex
View file

@ -111,7 +111,7 @@ defmodule Pleroma.Web.CommonAPI.ActivityDraft do
end
defp attachments(%{params: params} = draft) do
attachments = Utils.attachments_from_ids(params)
attachments = Utils.attachments_from_ids(params, draft.user)
draft = %__MODULE__{draft | attachments: attachments}
case Utils.validate_attachments_count(attachments) do