mirrors/retrospring
1
0
Fork 0
mirror of https://github.com/Retrospring/retrospring.git synced 2025-02-13 21:33:20 +01:00
Code Issues Projects Releases Packages Wiki Activity

Only allow checking of own subscriptions

Browse source
This commit is contained in:
Karina Kwiatek 2023-01-01 22:07:02 +01:00
parent 2417354b31
commit 48c7beb54e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/ajax/web_push_controller.rb
View file

@ -14,7 +14,7 @@ class Ajax::WebPushController < AjaxController
def check
params.permit(:endpoint)
found = WebPushSubscription.where("subscription ->> 'endpoint' = ?", params[:endpoint]).first
found = current_user.web_push_subscriptions.where("subscription ->> 'endpoint' = ?", params[:endpoint]).first
@response[:status] = if found
if found.failures >= 3