last2014/lynq-chat
2
1
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: 自身が送信していないメッセージを削除できる問題

Browse Source
This commit is contained in:
Last2014
2026-06-05 06:18:51 +09:00
parent e4841bec10
commit d1cef4bd67
2 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/backend/src/routes/message/delete.ts
+18 -1
View File
@@ -1,4 +1,4 @@
import { DatabaseError, InputError } from "@/errors"; import { DatabaseError, ErrorBase, InputError } from "@/errors";
import Logger from "@/lib/logger"; import Logger from "@/lib/logger";
import { MessageEntity } from "@/modules/entities/Message"; import { MessageEntity } from "@/modules/entities/Message";
import type { FastifyInstance } from "fastify"; import type { FastifyInstance } from "fastify";
@@ -23,6 +23,23 @@ export default async function MessageDelete(fastify: FastifyInstance) {
try { try {
const messageRepo = fastify.orm.em.getRepository(MessageEntity); const messageRepo = fastify.orm.em.getRepository(MessageEntity);
const itMessage = await messageRepo.findOne({ id: result.data.id });
if (!itMessage) {
return res.code(400).send(ErrorBase({
bad: "client",
code: "message_not_found",
message: "対象のメッセージが見つかりませんでした。",
}));
}
if (itMessage.createdBy.userid !== req.token.user.userid) {
return res.code(403).send(ErrorBase({
bad: "client",
code: "not_your_message",
message: "あなたの送信したメッセージではありません。",
}));
}
await messageRepo.deleteMessage(result.data.id); await messageRepo.deleteMessage(result.data.id);
return res.send({ return res.send({
packages/frontend/src/components/Message.vue
+3 -1
View File
@@ -1,5 +1,5 @@
<template> <template>
<div class="message" ref="messageElem"> <div class="message" v-if="account && account.success" ref="messageElem">
<img <img
v-if="message.createdBy.icon" v-if="message.createdBy.icon"
:src="message.createdBy.icon" :src="message.createdBy.icon"
@@ -31,6 +31,7 @@
/> />
<Icon <Icon
v-if="account.userid === message.createdBy.userid"
icon="material-symbols:delete-rounded" icon="material-symbols:delete-rounded"
style="color: #ff0000" style="color: #ff0000"
@click="deleteMessage()" @click="deleteMessage()"
@@ -123,6 +124,7 @@ import type ApiMap from "lynqchat-js/1.0.0-alpha.0/map";
import ErrorModal from "@/components/Modal/Error.vue"; import ErrorModal from "@/components/Modal/Error.vue";
import Confirm from "@/components/Modal/Confirm.vue"; import Confirm from "@/components/Modal/Confirm.vue";
import { inject, onBeforeUnmount, onMounted, ref, watch, type Ref } from "vue"; import { inject, onBeforeUnmount, onMounted, ref, watch, type Ref } from "vue";
import { account } from "@/lib/account";
const props = defineProps<{ const props = defineProps<{
message: Extract<ApiMap["message/list"]["response"], { messages: any }>["messages"][number]; message: Extract<ApiMap["message/list"]["response"], { messages: any }>["messages"][number];