Prevent users from reviewing their own packages

author rubenwardy <rw@rubenwardy.com>

Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)

committer rubenwardy <rw@rubenwardy.com>

Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)
author rubenwardy <rw@rubenwardy.com>
Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)
committer rubenwardy <rw@rubenwardy.com>
Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)
diff --git a/app/blueprints/packages/reviews.py b/app/blueprints/packages/reviews.py

index 74070fc2b0d25f6cfc64295e1c0386f129d1ba44..a7a11274da6f4cd211c8adec59b0a484af44b2ac 100644 (file)
--- a/app/blueprints/packages/reviews.py
+++ b/app/blueprints/packages/reviews.py
@@ -34,6 +34,10 @@ class ReviewForm(FlaskForm):
  @login_required
  @is_package_page
  def review(package):
+       if current_user in package.maintainers:
+               flash("You can't review your own package!", "danger")
+               return redirect(package.getDetailsURL())
+
         review = PackageReview.query.filter_by(package=package, author=current_user).first()
  
         form = ReviewForm(formdata=request.form, obj=review)
author	rubenwardy <rw@rubenwardy.com>
	Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)
committer	rubenwardy <rw@rubenwardy.com>
	Thu, 9 Jul 2020 04:47:26 +0000 (05:47 +0100)