floraachy/gitlink-forgeplus
1
0
Fork 0
mirror of https://gitlink.org.cn/Gitlink/forgeplus.git synced 2026-05-22 04:35:45 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

修复

Browse Source
This commit is contained in:
yystopf
2023-02-23 20:54:48 +08:00
parent 8487c67bab
commit 3fd04109d6
7 changed files with 42 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/api/v1/issues/journals_controller.rb
View File

@@ -38,7 +38,7 @@ class Api::V1::Issues::JournalsController < Api::V1::BaseController
end
def journal_params
params.permit(:notes, :parent_id, :reply_id, :attachment_ids => [])
params.permit(:notes, :parent_id, :reply_id, :attachment_ids => [], :receivers_login => [])
end
def load_issue
@@ -54,7 +54,7 @@ class Api::V1::Issues::JournalsController < Api::V1::BaseController
end
def check_journal_operate_permission
return render_forbidden("您没有操作权限!") unless current_user.present? && current_user.logged? && (@project.member?(current_user) || current_user.admin? || @issue.user == current_user || @journal.user == current_user)
return render_forbidden("您没有操作权限!") unless @project.member?(current_user) || current_user.admin? || @issue.user == current_user || @journal.user == current_user || @journal.parent_journal&.user == current_user
end
end