summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2023-03-02 21:54:17 +0100
committerDaniel Friesel <derf@finalrewind.org>2023-03-02 21:54:17 +0100
commitaa56023788812ca8071bee8c3fd8064d0fa6c628 (patch)
tree72974e733292294c677da3b6db52677753211b08 /lib/Travelynx/Controller
parent6a734a094be259faca8f34a3a4653ba0c8535b27 (diff)
user_status redirect: check visibility independent of token
Diffstat (limited to 'lib/Travelynx/Controller')
-rwxr-xr-xlib/Travelynx/Controller/Traveling.pm43
1 files changed, 19 insertions, 24 deletions
diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm
index 6a8e1f9..e627ae5 100755
--- a/lib/Travelynx/Controller/Traveling.pm
+++ b/lib/Travelynx/Controller/Traveling.pm
@@ -528,32 +528,27 @@ sub user_status {
)
)
{
- my $token = $self->param('token');
- if ($token) {
- my $visibility = $self->compute_effective_visibility(
- $user->{default_visibility_str},
- $journey->{visibility_str}
- );
- if (
- $visibility eq 'public'
- or ( $visibility eq 'unlisted'
- and $self->journey_token_ok( $journey, $ts ) )
- or (
- $visibility eq 'travelynx'
- and ( $self->is_user_authenticated
- or $self->journey_token_ok( $journey, $ts ) )
- )
- )
- {
- $self->redirect_to(
- "/p/${name}/j/$journey->{id}?token=${token}-${ts}");
- }
- else {
- $self->render('not_found');
- }
+ my $visibility
+ = $self->compute_effective_visibility(
+ $user->{default_visibility_str},
+ $journey->{visibility_str} );
+ if (
+ $visibility eq 'public'
+ or ( $visibility eq 'unlisted'
+ and $self->journey_token_ok( $journey, $ts ) )
+ or (
+ $visibility eq 'travelynx'
+ and ( $self->is_user_authenticated
+ or $self->journey_token_ok( $journey, $ts ) )
+ )
+ )
+ {
+ my $token = $self->param('token') // q{};
+ $self->redirect_to(
+ "/p/${name}/j/$journey->{id}?token=${token}-${ts}");
}
else {
- $self->redirect_to("/p/${name}/j/$journey->{id}");
+ $self->render('not_found');
}
return;
}