ami/tl-vikunja
1
0
Fork 0
Code Activity

feat(api tokens): check permissions when saving

Browse Source
This commit is contained in:
kolaente
2023-09-01 08:52:57 +02:00
parent e4c71123ef
commit e3dac16398
4 changed files with 85 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/models/api_tokens.go
View File

@ -102,7 +102,9 @@ func (t *APIToken) Create(s *xorm.Session, a web.Auth) (err error) {
t.OwnerID = a.GetID()
// TODO: validate permissions
if err := PermissionsAreValid(t.Permissions); err != nil {
return err
}
_, err = s.Insert(t)
return err