summaryrefslogtreecommitdiff
path: root/src/server/api/endpoints/notes/delete.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/api/endpoints/notes/delete.ts')
-rw-r--r--src/server/api/endpoints/notes/delete.ts13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/server/api/endpoints/notes/delete.ts b/src/server/api/endpoints/notes/delete.ts
index 399f9288d6..17d44c424d 100644
--- a/src/server/api/endpoints/notes/delete.ts
+++ b/src/server/api/endpoints/notes/delete.ts
@@ -1,11 +1,12 @@
import $ from 'cafy';
-import ID, { transform } from '../../../../misc/cafy-id';
+import { ID } from '../../../../misc/cafy-id';
import deleteNote from '../../../../services/note/delete';
-import User from '../../../../models/user';
import define from '../../define';
import * as ms from 'ms';
import { getNote } from '../../common/getters';
import { ApiError } from '../../error';
+import { Users } from '../../../../models';
+import { ensure } from '../../../../prelude/ensure';
export const meta = {
stability: 'stable',
@@ -19,7 +20,7 @@ export const meta = {
requireCredential: true,
- kind: 'note-write',
+ kind: 'write:notes',
limit: {
duration: ms('1hour'),
@@ -30,7 +31,6 @@ export const meta = {
params: {
noteId: {
validator: $.type(ID),
- transform: transform,
desc: {
'ja-JP': '対象の投稿のID',
'en-US': 'Target note ID.'
@@ -59,9 +59,10 @@ export default define(meta, async (ps, user) => {
throw e;
});
- if (!user.isAdmin && !user.isModerator && !note.userId.equals(user._id)) {
+ if (!user.isAdmin && !user.isModerator && (note.userId !== user.id)) {
throw new ApiError(meta.errors.accessDenied);
}
- await deleteNote(await User.findOne({ _id: note.userId }), note);
+ // この操作を行うのが投稿者とは限らない(例えばモデレーター)ため
+ await deleteNote(await Users.findOne(note.userId).then(ensure), note);
});
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-18 12:44:01 +0000