fixed vulnerabilities (#392)

author: Lunny Xiao <xiaolunwen@gmail.com> 2016-12-15 16:49:06 +0800
committer: GitHub <noreply@github.com> 2016-12-15 16:49:06 +0800
commit: b4c794058aa57426679877444b52561e7e16ef2b (patch)
tree: 0835bc252a72077f7fe9f7daa4d02ff4059d8c27 /models/token.go
parent: d771e978a108517ca5833b5e2f17b45e2d7dc6ca (diff)
download: gitea-b4c794058aa57426679877444b52561e7e16ef2b.tar.gz
gitea-b4c794058aa57426679877444b52561e7e16ef2b.zip
1 files changed, 10 insertions, 3 deletions
diff --git a/models/token.go b/models/token.go
index 03ea554fbb..6b2898a49d 100644
--- a/models/token.go
+++ b/models/token.go
@@ -88,7 +88,14 @@ func UpdateAccessToken(t *AccessToken) error {
 }
 
 // DeleteAccessTokenByID deletes access token by given ID.
-func DeleteAccessTokenByID(id int64) error {
-	_, err := x.Id(id).Delete(new(AccessToken))
-	return err
+func DeleteAccessTokenByID(id, userID int64) error {
+	cnt, err := x.Id(id).Delete(&AccessToken{
+		UID: userID,
+	})
+	if err != nil {
+		return err
+	} else if cnt != 1 {
+		return ErrAccessTokenNotExist{}
+	}
+	return nil
 }
author	Lunny Xiao <xiaolunwen@gmail.com>	2016-12-15 16:49:06 +0800
committer	GitHub <noreply@github.com>	2016-12-15 16:49:06 +0800
commit	b4c794058aa57426679877444b52561e7e16ef2b (patch)
tree	0835bc252a72077f7fe9f7daa4d02ff4059d8c27 /models/token.go
parent	d771e978a108517ca5833b5e2f17b45e2d7dc6ca (diff)
download	gitea-b4c794058aa57426679877444b52561e7e16ef2b.tar.gz gitea-b4c794058aa57426679877444b52561e7e16ef2b.zip