From b995b4ddfbf101e029b3a799a17c7c7eb1585361 Mon Sep 17 00:00:00 2001 From: TLSM Date: Fri, 17 Jun 2022 02:30:20 -0400 Subject: [PATCH] Amend 9b17bb1cfe78: fix userpage for logged-out. The previous fix to shadowbanned users not being able to view their own profile broke userpages for logged out users (and filled the log up with 500s) due to sloppy logic around accessing v.id. This has been remedied. --- files/routes/users.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/routes/users.py b/files/routes/users.py index 4070f6685..15e8a852f 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -914,7 +914,7 @@ def u_username(username, v=None): if request.headers.get("Authorization") or request.headers.get("xhr"): return {"error": f"That username is reserved for: {u.reserved}"} return render_template("userpage_reserved.html", u=u, v=v) - if u.shadowbanned and not (v and v.admin_level >= 2) and not v.id == u.id: + if u.shadowbanned and not (v and v.admin_level >= 2) and not (v and v.id == u.id): abort(404) if v and v.id not in (u.id,DAD_ID) and (u.patron or u.admin_level > 1):