shpaq/sct-overseerr
1
0
Fork 0
mirror of https://github.com/sct/overseerr.git synced 2025-09-17 17:24:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(requests): correctly filter requests out for users without view requests permission

Browse Source
This commit is contained in:
sct
2021-02-15 01:57:20 +00:00
parent 50c143d959
commit e118501bf1
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/routes/request.ts
View File

@@ -89,7 +89,7 @@ requestRoutes.get('/', async (req, res, next) => {
requestStatus: statusFilter, requestStatus: statusFilter,
}) })
.andWhere( .andWhere(
'(request.is4k = false AND media.status IN (:...mediaStatus)) OR (request.is4k = true AND media.status4k IN (:...mediaStatus))', '((request.is4k = 0 AND media.status IN (:...mediaStatus)) OR (request.is4k = 1 AND media.status4k IN (:...mediaStatus)))',
{ {
mediaStatus: mediaStatusFilter, mediaStatus: mediaStatusFilter,
} }
@@ -101,7 +101,7 @@ requestRoutes.get('/', async (req, res, next) => {
{ type: 'or' } { type: 'or' }
) )
) { ) {
query = query.andWhere('request.requestedBy.id = :id', { query = query.andWhere('requestedBy.id = :id', {
id: req.user?.id, id: req.user?.id,
}); });
} }