Skip to content

Commit

Permalink
Merge pull request #114 from yujular/main
Browse files Browse the repository at this point in the history 
feat: add admin check for @ and # tag in CreateTag
  • Loading branch information
@JingYiJun
JingYiJun authored Sep 17, 2023
2 parents 057cfdd + 1c2a95f commit 68997d7
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions apis/tag/apis.go
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
package tag

import (
"strings"

"github.com/opentreehole/go-common"
"gorm.io/plugin/dbresolver"

Expand Down Expand Up @@ -85,6 +87,20 @@ func CreateTag(c *fiber.Ctx) error {
return err
}

// check tag prefix
user, err := GetUser(c)
if err != nil {
return err
}
if !user.IsAdmin {
if strings.HasPrefix(body.Name, "#") {
return common.BadRequest("只有管理员才能创建 # 开头的 tag")
}
if strings.HasPrefix(body.Name, "@") {
return common.BadRequest("只有管理员才能创建 @ 开头的 tag")
}
}

// bind and create tag
tag.Name = body.Name
result := DB.Where("name = ?", body.Name).FirstOrCreate(&tag)
Expand Down

0 comments on commit 68997d7

Please sign in to comment.