mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-03 16:38:22 +03:00
522bd02224
no issue - if you destroy a user with an unknown user id, Ghost would crash - because `userModel.hasRole` is undefined - there is actually a bigger underlying architectual problem: - the permission check should rely on an existing user - so there should be a first api layer, which 1. validates (this code exists) and 2. ensures that requested database id's exist - but this requires a bigger refactoring |
||
|---|---|---|
| .. | ||
| client@fa921f8367 | ||
| server | ||
| test | ||
| index.js | ||