|
|
@ -70,14 +70,14 @@ func UploadAttachment(ctx *context.Context) {
|
|
|
|
func DeleteAttachment(ctx *context.Context) {
|
|
|
|
func DeleteAttachment(ctx *context.Context) {
|
|
|
|
file := ctx.Query("file")
|
|
|
|
file := ctx.Query("file")
|
|
|
|
attach, err := models.GetAttachmentByUUID(file)
|
|
|
|
attach, err := models.GetAttachmentByUUID(file)
|
|
|
|
if !ctx.IsSigned || (ctx.User.ID != attach.UploaderID) {
|
|
|
|
|
|
|
|
ctx.Error(403)
|
|
|
|
|
|
|
|
return
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
ctx.Error(400, err.Error())
|
|
|
|
ctx.Error(400, err.Error())
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if !ctx.IsSigned || (ctx.User.ID != attach.UploaderID) {
|
|
|
|
|
|
|
|
ctx.Error(403)
|
|
|
|
|
|
|
|
return
|
|
|
|
|
|
|
|
}
|
|
|
|
err = models.DeleteAttachment(attach, true)
|
|
|
|
err = models.DeleteAttachment(attach, true)
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
ctx.Error(500, fmt.Sprintf("DeleteAttachment: %v", err))
|
|
|
|
ctx.Error(500, fmt.Sprintf("DeleteAttachment: %v", err))
|
|
|
|