Nosial/FederationServer
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Add authentication check for operator permissions in DownloadAttachment

Browse source
This commit is contained in:
netkas 2025-06-03 13:41:04 -04:00
parent 1109a6547b
commit 0b463fa70c
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/FederationServer/Methods/Attachments/DownloadAttachment.php
View file

@ -42,6 +42,7 @@
{
// Require authentication if confidential
$operator = FederationServer::getAuthenticatedOperator();
if(!$operator->canManageBlacklist())
{
throw new RequestException('Insufficient Permissions to view confidential evidence', 401);