diff options
| author | meltland <[email protected]> | 2025-03-15 13:26:51 -0400 |
|---|---|---|
| committer | meltland <[email protected]> | 2025-03-15 13:26:51 -0400 |
| commit | 50d0e4a7824f6cd825c17586bb8cfd7bc014debd (patch) | |
| tree | 4c3ca94a32a65dc7ca1803d98b24c9cee957f8ab /main.py | |
| parent | 4391fd13d59b4be463ef8d2f77c0640cd18c4a6e (diff) | |
fuck
Diffstat (limited to 'main.py')
| -rw-r--r-- | main.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/main.py b/main.py index d243d0f..76ea084 100644 --- a/main.py +++ b/main.py @@ -407,10 +407,6 @@ async def handler(websocket): if str(websocket.id) not in client_data: await websocket.send(util.error("unauthorized", listener)) continue - username = client_data[str(websocket.id)]["username"] - if "INBOX" not in db.acc.get_perms(username): - await websocket.send(util.error("unauthorized", listener)) - continue data = db.inbox.get_recent() await websocket.send(json.dumps({"error": False, "inbox": data, "listener": listener})) elif r["command"] == "post_inbox": @@ -421,6 +417,10 @@ async def handler(websocket): if str(websocket.id) not in client_data: await websocket.send(util.error("unauthorized", listener)) continue + username = client_data[str(websocket.id)]["username"] + if "INBOX" not in db.acc.get_perms(username): + await websocket.send(util.error("unauthorized", listener)) + continue attachments = [] for i in r["attachments"]: if urlparse(i).hostname in attachment_whitelist: |