t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

fix: association removal panic

Browse source
This commit is contained in:
trisua 2025-06-12 21:06:04 -04:00
parent 0dede99682
commit 6fcbb1fe00
3 changed files with 6 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

7
crates/app/src/routes/api/v1/auth/profile.rs
View file

@ -152,9 +152,11 @@ pub async fn append_associations_request(
// check existing associations to remove associations to deleted users
// the user should take care of cleaning their ui themselves
let mut removed_count: usize = 0;
for (idx, id) in user.associated.clone().iter().enumerate() {
if data.get_user_by_id(id.to_owned()).await.is_err() {
user.associated.remove(idx);
user.associated.remove(idx - removed_count);
removed_count += 1; // we need offset each index by this amount to account for removals
}
}
@ -501,8 +503,7 @@ pub async fn subscription_handler(
None => return Err("Socket refused"),
};
if user.id.to_string() != user_id {
// TODO: maybe allow moderators to connect anyway
if user.id.to_string() != user_id && !user.permissions.check(FinePermission::MANAGE_USERS) {
return Err("Socket refused (auth)");
}