YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-02-12 09:20:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

chore: tweak get memo by name

Browse Source
This commit is contained in:
Steven 2024-01-21 10:57:53 +08:00
parent 4d48f50815
commit c38404b5d5
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api/v2/acl_config.go
View File

@ -8,6 +8,7 @@ var authenticationAllowlistMethods = map[string]bool{
"/memos.api.v2.UserService/GetUser": true,
"/memos.api.v2.MemoService/ListMemos": true,
"/memos.api.v2.MemoService/GetMemo": true,
"/memos.api.v2.MemoService/GetMemoByName": true,
"/memos.api.v2.MemoService/ListMemoResources": true,
"/memos.api.v2.MemoService/ListMemoRelations": true,
"/memos.api.v2.MemoService/ListMemoComments": true,

12
api/v2/memo_service.go
View File

@ -247,6 +247,18 @@ func (s *APIV2Service) GetMemoByName(ctx context.Context, request *apiv2pb.GetMe
if memo == nil {
return nil, status.Errorf(codes.NotFound, "memo not found")
}
if memo.Visibility != store.Public {
user, err := getCurrentUser(ctx, s.Store)
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to get user")
}
if user == nil {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
if memo.Visibility == store.Private && memo.CreatorID != user.ID {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
}
memoMessage, err := s.convertMemoFromStore(ctx, memo)
if err != nil {