26 lines
738 B
JavaScript
26 lines
738 B
JavaScript
const { withAccount } = require("../lib/utils")
|
|
;(function () {
|
|
if (context.user.auth()) return {}
|
|
withAccount((login) => {
|
|
const id = context.request().param("id")
|
|
const user = context.db.find("bigCommerceCustomer", {
|
|
filter: {
|
|
$or: [
|
|
{
|
|
"personalRecords.recording": id,
|
|
},
|
|
{
|
|
"personalRecords.thumbnail": id,
|
|
},
|
|
],
|
|
},
|
|
})[0]
|
|
if (login.tibiId !== user.id) {
|
|
return {
|
|
status: 403,
|
|
message: "You are not authorized to delete this media",
|
|
}
|
|
}
|
|
})
|
|
})()
|