Skip to content

Commit

Permalink
check authentication before deleting quotes
Browse files Browse the repository at this point in the history
  • Loading branch information
@mutantmonkey
mutantmonkey committed Apr 29, 2012
1 parent 12d1b99 commit 84bd634
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/pyqdb.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,8 @@ def single(quote_id):

@app.route('/quotes/<int:quote_id>', methods=['DELETE'])
def remove(quote_id):
if not 'user' in session:
abort(403)
quote = db.get(quote_id)
if quote is None:
abort(404)
Expand Down

0 comments on commit 84bd634

Please sign in to comment.