}
func UpdateIssue(ctx *middleware.Context, params martini.Params, form auth.CreateIssueForm) {
- if !ctx.Repo.IsOwner {
- ctx.Handle(404, "issue.UpdateIssue", nil)
- return
- }
-
index, err := base.StrTo(params["index"]).Int()
if err != nil {
ctx.Handle(404, "issue.UpdateIssue", err)
return
}
+ if ctx.User.Id != issue.PosterId {
+ ctx.Handle(404, "issue.UpdateIssue", nil)
+ return
+ }
+
issue.Name = form.IssueName
issue.MilestoneId = form.MilestoneId
issue.AssigneeId = form.AssigneeId