From 59e2321c6686308361179abe09553bb44b880e23 Mon Sep 17 00:00:00 2001 From: daiao <358551898@qq.com> Date: Mon, 9 Mar 2020 22:00:48 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E5=88=A0=E9=99=A4=E8=A7=86=E9=A2=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users/videos_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/users/videos_controller.rb b/app/controllers/users/videos_controller.rb index 645c25362..3aa8e106d 100644 --- a/app/controllers/users/videos_controller.rb +++ b/app/controllers/users/videos_controller.rb @@ -54,7 +54,7 @@ class Users::VideosController < Users::BaseController end def destroy - video = observed_user.videos.find_by(id: params[:video_id]) + video = Video.find_by(id: params[:video_id]) render_forbidden unless video.user_id != observed_user.id || !current_user.admin_or_business? return render_not_found if video.blank? return render_error('该状态下不能删除视频') unless video.pending? From aa2ceb4817025c7947b1339a8ebeb4173587d35d Mon Sep 17 00:00:00 2001 From: daiao <358551898@qq.com> Date: Mon, 9 Mar 2020 22:02:58 +0800 Subject: [PATCH 2/3] 1 --- app/controllers/users/videos_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/users/videos_controller.rb b/app/controllers/users/videos_controller.rb index 3aa8e106d..558ea1f21 100644 --- a/app/controllers/users/videos_controller.rb +++ b/app/controllers/users/videos_controller.rb @@ -54,7 +54,7 @@ class Users::VideosController < Users::BaseController end def destroy - video = Video.find_by(id: params[:video_id]) + video = Video.find_by(id: params[:id]) render_forbidden unless video.user_id != observed_user.id || !current_user.admin_or_business? return render_not_found if video.blank? return render_error('该状态下不能删除视频') unless video.pending? From 5177a91b13234e91f4c3db26ae6243565d7e9428 Mon Sep 17 00:00:00 2001 From: daiao <358551898@qq.com> Date: Mon, 9 Mar 2020 22:06:06 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E6=9D=83=E9=99=90=E5=88=A4=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users/videos_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/users/videos_controller.rb b/app/controllers/users/videos_controller.rb index 558ea1f21..fdd7e0c76 100644 --- a/app/controllers/users/videos_controller.rb +++ b/app/controllers/users/videos_controller.rb @@ -55,7 +55,7 @@ class Users::VideosController < Users::BaseController def destroy video = Video.find_by(id: params[:id]) - render_forbidden unless video.user_id != observed_user.id || !current_user.admin_or_business? + return render_forbidden unless video.user_id == current_user.id || current_user.admin_or_business? return render_not_found if video.blank? return render_error('该状态下不能删除视频') unless video.pending?