Skip to content
Permalink
Browse files

fix: don’t allow editing when no cforum_user cookie is set

  • Loading branch information...
Christian Kruse
Christian Kruse committed Dec 1, 2019
1 parent a98c175 commit 5a2c671b3ce07da4545fbf8eaa8f83a6697566ae
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/cforum/messages/message_helpers.ex
@@ -150,7 +150,7 @@ defmodule Cforum.Messages.MessageHelpers do
def owner?(conn, message) do
cond do
conn.assigns[:current_user] && conn.assigns[:current_user].user_id == message.user_id -> true
conn.cookies["cforum_user"] == message.uuid -> true
Helpers.present?(message.uuid) && conn.cookies["cforum_user"] == message.uuid -> true
true -> false
end
end

0 comments on commit 5a2c671

Please sign in to comment.
You can’t perform that action at this time.