Skip to content

Commit

Permalink
(fix): canEdit check before save on blogs
Browse files Browse the repository at this point in the history
  • Loading branch information
@markharding
markharding committed Oct 7, 2016
1 parent 9d0b695 commit 864164a
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions plugins/blog/api/v1/blog.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,13 @@ public function post($pages)
//$blog->setMature($_POST['mature']);
}

if (!$blog->canEdit()) {
return Factory::response([
'status' => 'error',
'message' => 'Sorry, you do not have permission'
]);
}

$blog->save();

if (is_uploaded_file($_FILES['file']['tmp_name'])) {
Expand Down

0 comments on commit 864164a

Please sign in to comment.