comparison app/controllers/tweets_controller.rb @ 235:4222343d9433 legit-client

No access to protected user
author nanaya <me@nanaya.net>
date Fri, 14 Jul 2023 22:43:40 +0900
parents 7a773720d81f
children
comparison
equal deleted inserted replaced
234:7a773720d81f 235:4222343d9433
8 8
9 @user = CachedFetch.user_by_id params[:id] 9 @user = CachedFetch.user_by_id params[:id]
10 10
11 if @user.nil? 11 if @user.nil?
12 head :not_found 12 head :not_found
13 return
14 end
15
16 if @user[:protected]
17 head :forbidden
13 return 18 return
14 end 19 end
15 20
16 return redirect if normalized_screen_name != params[:name] 21 return redirect if normalized_screen_name != params[:name]
17 22