1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-23 17:53:10 +00:00

api: fix panic if anonymous user request admin API

Add sign in check before check user account level
This commit is contained in:
Unknwon 2016-07-23 17:56:37 +08:00
parent 745167d57a
commit e63b2881b1

View file

@ -103,7 +103,7 @@ func ReqBasicAuth() macaron.Handler {
func ReqAdmin() macaron.Handler {
return func(ctx *context.Context) {
if !ctx.User.IsAdmin {
if !ctx.IsSigned || !ctx.User.IsAdmin {
ctx.Error(403)
return
}