diff options
Diffstat (limited to 'src/api/routes/files/filesAlbumsGET.js')
| -rw-r--r-- | src/api/routes/files/filesAlbumsGET.js | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/api/routes/files/filesAlbumsGET.js b/src/api/routes/files/filesAlbumsGET.js index c834658..7f1190c 100644 --- a/src/api/routes/files/filesAlbumsGET.js +++ b/src/api/routes/files/filesAlbumsGET.js @@ -9,6 +9,9 @@ class filesGET extends Route { const { id } = req.params; if (!id) return res.status(400).json({ message: 'Invalid file ID supplied' }); + const file = await db.table('files').where({ id, userId: user.id }).first(); + if (!file) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' }); + let albums = []; let albumFiles = await db.table('albumsFiles') .where('fileId', id) |