FreakU
/
Retrospring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Only allow checking of own subscriptions

This commit is contained in:
Karina Kwiatek 2023-01-01 22:07:02 +01:00
parent 2417354b31
commit 48c7beb54e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/ajax/web_push_controller.rb
View File

@ -14,7 +14,7 @@ class Ajax::WebPushController < AjaxController
def check
params.permit(:endpoint)
found = WebPushSubscription.where("subscription ->> 'endpoint' = ?", params[:endpoint]).first
found = current_user.web_push_subscriptions.where("subscription ->> 'endpoint' = ?", params[:endpoint]).first
@response[:status] = if found
if found.failures >= 3