Browse Source

api: fix panic if anonymous user request admin API

Add sign in check before check user account level
pull/2852/head
Unknwon 9 years ago
parent
commit
e63b2881b1
  1. 2
      routers/api/v1/api.go

2
routers/api/v1/api.go

@ -103,7 +103,7 @@ func ReqBasicAuth() macaron.Handler {
func ReqAdmin() macaron.Handler { func ReqAdmin() macaron.Handler {
return func(ctx *context.Context) { return func(ctx *context.Context) {
if !ctx.User.IsAdmin { if !ctx.IsSigned || !ctx.User.IsAdmin {
ctx.Error(403) ctx.Error(403)
return return
} }

Loading…
Cancel
Save