indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check that moderator actions are taken by moderators, and not anyone else

main
Bob Mottram 2020-12-17 10:50:19 +00:00
parent fc8932f627
commit de5f688be8
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
daemon.py
View File

@ -1409,8 +1409,17 @@ class PubServer(BaseHTTPRequestHandler):
""" """
usersPath = path.replace('/moderationaction', '') usersPath = path.replace('/moderationaction', '')
nickname = usersPath.replace('/users/', '') nickname = usersPath.replace('/users/', '')
actorStr = httpPrefix + '://' + domainFull + usersPath if not isModerator(self.server.baseDir, nickname):
if callingDomain.endswith('.onion') and onionDomain:
actorStr = 'http://' + onionDomain + usersPath
elif (callingDomain.endswith('.i2p') and i2pDomain):
actorStr = 'http://' + i2pDomain + usersPath
self._redirect_headers(actorStr + '/moderation',
cookie, callingDomain)
self.server.POSTbusy = False
return
actorStr = httpPrefix + '://' + domainFull + usersPath
length = int(self.headers['Content-length']) length = int(self.headers['Content-length'])
try: try: