AZEN-SGG/Kavita
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Read Only Account Changes + Fixes from last PR (#3453)

Browse source
This commit is contained in:
Joe Milazzo 2024-12-10 18:49:08 -06:00 committed by GitHub
parent 41c346d5e6
commit a8144a1d3e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
28 changed files with 193 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

4
API/Controllers/ThemeController.cs
View file

@ -103,7 +103,7 @@ public class ThemeController : BaseApiController
[HttpDelete]
public async Task<ActionResult<IEnumerable<DownloadableSiteThemeDto>>> DeleteTheme(int themeId)
{
if (User.IsInRole(PolicyConstants.ReadOnlyRole)) return BadRequest(await _localizationService.Translate(User.GetUserId(), "permission-denied"));
await _themeService.DeleteTheme(themeId);
return Ok();
@ -128,6 +128,8 @@ public class ThemeController : BaseApiController
[HttpPost("upload-theme")]
public async Task<ActionResult<SiteThemeDto>> DownloadTheme(IFormFile formFile)
{
if (User.IsInRole(PolicyConstants.ReadOnlyRole)) return BadRequest(await _localizationService.Translate(User.GetUserId(), "permission-denied"));
if (!formFile.FileName.EndsWith(".css")) return BadRequest("Invalid file");
if (formFile.FileName.Contains("..")) return BadRequest("Invalid file");
var tempFile = await UploadToTemp(formFile);