post by id now returns unauthorized if post is hidden

This commit is contained in:
Leonard Lorenz 2020-11-21 21:40:07 +01:00
parent 3dab5f4ab0
commit bfcf1a22e6
2 changed files with 5 additions and 1 deletions

View file

@ -1,6 +1,6 @@
[package] [package]
name = "crablog" name = "crablog"
version = "0.2.0" version = "0.2.1"
authors = ["Leonard Lorenz <dev@leonardlorenz.de>"] authors = ["Leonard Lorenz <dev@leonardlorenz.de>"]
edition = "2018" edition = "2018"

View file

@ -79,6 +79,10 @@ async fn blog_by_id(tmpl: web::Data<tera::Tera>, web::Path(post_id): web::Path<s
if valid { if valid {
let post = db::get_post_by_id(id as i32); let post = db::get_post_by_id(id as i32);
if !post.published {
return Ok(HttpResponse::new(StatusCode::UNAUTHORIZED))
}
let mut context = Context::new(); let mut context = Context::new();
context.insert("post", &post); context.insert("post", &post);
context.insert("username", CONFIG_MAP.read().unwrap().get("USERNAME").unwrap()); context.insert("username", CONFIG_MAP.read().unwrap().get("USERNAME").unwrap());