Correct ApiKey delete auth check
This commit is contained in:
parent
7a0aa0ecf8
commit
d73196594d
|
@ -53,7 +53,7 @@ router.post('apiKeys.delete', auth(), async ctx => {
|
||||||
|
|
||||||
const user = ctx.state.user;
|
const user = ctx.state.user;
|
||||||
const key = await ApiKey.findById(id);
|
const key = await ApiKey.findById(id);
|
||||||
authorize(user, 'delete', ApiKey);
|
authorize(user, 'delete', key);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
await key.destroy();
|
await key.destroy();
|
||||||
|
|
Reference in New Issue