github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-01-24 14:41:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

added null check on user when checking permissions

Browse source
This commit is contained in:
Henry Oswald 2015-10-19 22:29:36 +01:00
parent 2b8dd7248a
commit f61d97a4f6
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
services/web/app/coffee/managers/SecurityManager.coffee
View file

@ -89,7 +89,9 @@ module.exports = SecurityManager =
requestIsOwner : (req, res, next)-> requestIsOwner : (req, res, next)->
getRequestUserAndProject req, res, {}, (err, user, project)-> getRequestUserAndProject req, res, {}, (err, user, project)->
if userIsOwner user, project || user.isAdmin if !user?
return res.redirect('/restricted')
else if userIsOwner user, project || user.isAdmin
next() next()
else else
logger.log user_id: user?._id, email: user?.email, "user is not owner of project redirecting to restricted page" logger.log user_id: user?._id, email: user?.email, "user is not owner of project redirecting to restricted page"