matt/stratos
1
0
Fork 0
mirror of https://github.com/matt-fidd/stratos.git synced 2026-01-01 18:19:25 +00:00
Code Issues Projects Releases Wiki Activity

Added Class.hasAccess to validate user input and add security

Browse Source
This commit is contained in:
matt
2022-03-04 22:39:56 +00:00
parent df1c572e14
commit ec87a77dd2
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
routes/class.js
View File

@@ -31,6 +31,9 @@ router.get('/class/:id', async (req, res) => {
});
}
if (!await c.hasAccess(await new User(null, req.session.userId)))
return res.redirect('/admin/classes');
const linkRoot = `/class/${c.id}`;
return res.render('class', {