From 913a6e73827e4f484b236bcdf85b0ba9deeb5133 Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Fri, 2 Jan 2026 01:37:17 +0800 Subject: [PATCH] :zap: Optimize permission check in fediverse publishers --- .../Publisher/PublisherController.cs | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/DysonNetwork.Sphere/Publisher/PublisherController.cs b/DysonNetwork.Sphere/Publisher/PublisherController.cs index 585e816..ee7ba4e 100644 --- a/DysonNetwork.Sphere/Publisher/PublisherController.cs +++ b/DysonNetwork.Sphere/Publisher/PublisherController.cs @@ -938,13 +938,7 @@ public class PublisherController( if (publisher is null) return NotFound(); - var member = await db.PublisherMembers - .Where(m => m.AccountId == accountId) - .Where(m => m.PublisherId == publisher.Id) - .FirstOrDefaultAsync(); - if (member is null) - return StatusCode(403, "You are not even a member of targeted publisher."); - if (member.Role < PublisherMemberRole.Manager) + if (!await ps.IsMemberWithRole(publisher.Id, accountId, PublisherMemberRole.Manager)) return StatusCode(403, "You need at least be manager to enable fediverse for this publisher."); try @@ -972,13 +966,7 @@ public class PublisherController( if (publisher is null) return NotFound(); - var member = await db.PublisherMembers - .Where(m => m.AccountId == accountId) - .Where(m => m.PublisherId == publisher.Id) - .FirstOrDefaultAsync(); - if (member is null) - return StatusCode(403, "You are not even a member of targeted publisher."); - if (member.Role < PublisherMemberRole.Manager) + if (!await ps.IsMemberWithRole(publisher.Id, accountId, PublisherMemberRole.Manager)) return StatusCode(403, "You need at least be manager to disable fediverse for this publisher."); try