einundzwanzig/einundzwanzig-verein
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr.git synced 2025-12-13 05:26:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

🚧 fix(association): update authorization check for project proposal based on currentPleb membership and pubkey

Browse Source
This commit is contained in:
fsociety
2024-10-25 12:20:08 +02:00
parent fc9d8be985
commit f297605995
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
resources/views/pages/association/project-support/form/[ProjectProposal:slug].blade.php
View File

@@ -35,7 +35,10 @@ on([
'nostrLoggedIn' => function ($pubkey) { 'nostrLoggedIn' => function ($pubkey) {
$this->currentPubkey = $pubkey; $this->currentPubkey = $pubkey;
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $pubkey)->first(); $this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $pubkey)->first();
if ($this->currentPleb->id !== $this->projectProposal->einundzwanzig_pleb_id) { if (
$this->currentPleb->id !== $this->projectProposal->einundzwanzig_pleb_id
|| !in_array($this->currentPleb->npub, config('einundzwanzig.config.current_board'), true)
) {
return $this->js('alert("Du bist hierzu nicht berechtigt.")'); return $this->js('alert("Du bist hierzu nicht berechtigt.")');
} }
$this->isAllowed = true; $this->isAllowed = true;