yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Separates policy for file operations

Browse Source
This commit is contained in:
Tom Moor
2022-07-03 18:19:56 +02:00
parent ee10e1407a
commit 9cd26168e1
9 changed files with 113 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/routes/api/collections.ts
View File

@@ -488,7 +488,7 @@ router.post("collections.export", auth(), async (ctx) => {
assertUuid(id, "id is required");
const { user } = ctx.state;
const team = await Team.findByPk(user.teamId);
authorize(user, "export", team);
authorize(user, "createExport", team);
const collection = await Collection.scope({
method: ["withMembership", user.id],
@@ -516,7 +516,7 @@ router.post("collections.export", auth(), async (ctx) => {
router.post("collections.export_all", auth(), async (ctx) => {
const { user } = ctx.state;
const team = await Team.findByPk(user.teamId);
authorize(user, "export", team);
authorize(user, "createExport", team);
const fileOperation = await sequelize.transaction(async (transaction) => {
return collectionExporter({