mirror of
https://github.com/discourse/discourse.git
synced 2025-05-30 02:27:17 +08:00
FIX: Make ChatMessageUpdater check editing access for guardian (#18902)
Follow up to 766bcbc6840c9d665055441bcd77616b3a96e10e This fixes a gaffe from that commit where I passed in the guardian to ChatMessageUpdater but then forgot to remove the old way of setting the guardian and user instance variables from the chat_message that was passed in. Also, it moves the ensure_can_edit_message! check from the controller into ChatMessageUpdater so all the access checks are in the same place.
This commit is contained in:
@ -144,7 +144,6 @@ class Chat::ChatController < Chat::ChatBaseController
|
||||
end
|
||||
|
||||
def edit_message
|
||||
guardian.ensure_can_edit_chat!(@message)
|
||||
chat_message_updater =
|
||||
Chat::ChatMessageUpdater.update(
|
||||
guardian: guardian,
|
||||
|
Reference in New Issue
Block a user