Commit 986b05f8 authored by Adhityaa Chandrasekar's avatar Adhityaa Chandrasekar

api, frontend: restrict profile updates to commento provider

parent b7c214e9
Pipeline #117792757 failed with stages
in 47 seconds
......@@ -54,9 +54,10 @@ func commenterUpdateHandler(w http.ResponseWriter, r *http.Request) {
}
if c.Provider != "commento" {
*x.Link = c.Link
*x.Photo = c.Photo
bodyMarshal(w, response{"success": false, "message": errorCannotUpdateOauthProfile.Error()})
return
}
*x.Email = c.Email
if err = commenterUpdate(c.CommenterHex, *x.Email, *x.Name, *x.Link, *x.Photo, c.Provider); err != nil {
......
......@@ -49,3 +49,4 @@ var errorInvalidDomain = errors.New("Invalid domain name. Do not include the URL
var errorInvalidEntity = errors.New("That entity does not exist.")
var errorCannotDeleteOwnerWithActiveDomains = errors.New("You cannot delete your account until all domains associated with your account are deleted.")
var errorNoSuchOwner = errors.New("No such owner.")
var errorCannotUpdateOauthProfile = errors.New("You cannot update the profile of an external account managed by third-party log in. Please use the appropriate platform to update your details.")
......@@ -314,7 +314,9 @@
append(loggedInAs, name);
append(loggedContainer, loggedInAs);
append(loggedContainer, logoutButton);
append(loggedContainer, profileEditButton);
if (commenter.provider === "commento") {
append(loggedContainer, profileEditButton);
}
append(loggedContainer, notificationSettingsButton);
prepend(root, loggedContainer);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment