🐛 Fix set avatar cause group permission leaked to personal

This commit is contained in:
LittleSheep 2025-03-25 21:48:51 +08:00
parent 9712119238
commit 742edaa9e2
3 changed files with 4 additions and 8 deletions

View File

@ -113,7 +113,7 @@ func getUserinfo(c *fiber.Ctx) error {
return c.JSON(resp)
}
func updateUserinfo(c *fiber.Ctx) error {
func editUserinfo(c *fiber.Ctx) error {
if err := exts.EnsureAuthenticated(c); err != nil {
return err
}

View File

@ -26,9 +26,7 @@ func setAvatar(c *fiber.Ctx) error {
}
og := user.Avatar
user.Avatar = &data.AttachmentID
if err := database.C.Save(&user).Error; err != nil {
if err := database.C.Model(&user).Update("avatar", data.AttachmentID).Error; err != nil {
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
} else {
services.AddEvent(user.ID, "profile.edit.avatar", nil, c.IP(), c.Get(fiber.HeaderUserAgent))
@ -64,9 +62,7 @@ func setBanner(c *fiber.Ctx) error {
}
og := user.Banner
user.Banner = &data.AttachmentID
if err := database.C.Save(&user).Error; err != nil {
if err := database.C.Model(&user).Update("banner", data.AttachmentID).Error; err != nil {
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
} else {
services.AddEvent(user.ID, "profile.edit.banner", nil, c.IP(), c.Get(fiber.HeaderUserAgent))

View File

@ -67,7 +67,7 @@ func MapControllers(app *fiber.App, baseURL string) {
me.Get("/", getUserinfo)
me.Get("/oidc", getUserinfoForOidc)
me.Put("/", updateUserinfo)
me.Put("/", editUserinfo)
me.Put("/language", updateAccountLanguage)
me.Get("/events", getEvents)
me.Get("/tickets", getTickets)