diff options
| author | Unknwon <u@gogs.io> | 2016-07-23 17:56:37 +0800 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2016-07-23 17:56:37 +0800 |
| commit | e63b2881b1dba21cf39a1959be4b637f4498f727 (patch) | |
| tree | a627a8f9c21d1b25ce3998295527df2517b8f1dd /routers/api/v1/api.go | |
| parent | 745167d57a02f2bae07103886fa5e62e398cfbcb (diff) | |
| download | gitea-e63b2881b1dba21cf39a1959be4b637f4498f727.tar.gz gitea-e63b2881b1dba21cf39a1959be4b637f4498f727.zip | |
api: fix panic if anonymous user request admin API
Add sign in check before check user account level
Diffstat (limited to 'routers/api/v1/api.go')
| -rw-r--r-- | routers/api/v1/api.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 4fac550e82..a13a1e6885 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -103,7 +103,7 @@ func ReqBasicAuth() macaron.Handler { func ReqAdmin() macaron.Handler { return func(ctx *context.Context) { - if !ctx.User.IsAdmin { + if !ctx.IsSigned || !ctx.User.IsAdmin { ctx.Error(403) return } |