From ad852de51a0d2dd5d29c08838d5a430c58849e74 Mon Sep 17 00:00:00 2001
From: Zephyrrus <krisztian1997@gmail.com>
Date: Wed, 8 Jul 2020 04:00:12 +0300
Subject: chore: linter the entire project using the new rules

---
 src/api/routes/admin/fileGET.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/api/routes/admin/fileGET.js')

diff --git a/src/api/routes/admin/fileGET.js b/src/api/routes/admin/fileGET.js
index 3bb8da4..0d1b147 100644
--- a/src/api/routes/admin/fileGET.js
+++ b/src/api/routes/admin/fileGET.js
@@ -21,7 +21,7 @@ class filesGET extends Route {
 		return res.json({
 			message: 'Successfully retrieved file',
 			file,
-			user
+			user,
 		});
 	}
 }
-- 
cgit v1.2.3


From 7e78a03931173437cd4aec5454663ee3cc3aee23 Mon Sep 17 00:00:00 2001
From: Zephyrrus <krisztian1997@gmail.com>
Date: Fri, 10 Jul 2020 01:13:23 +0300
Subject: fix: stop leaking user passwords to admins AGAIN

---
 src/api/routes/admin/fileGET.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/api/routes/admin/fileGET.js')

diff --git a/src/api/routes/admin/fileGET.js b/src/api/routes/admin/fileGET.js
index 0d1b147..239b128 100644
--- a/src/api/routes/admin/fileGET.js
+++ b/src/api/routes/admin/fileGET.js
@@ -11,7 +11,10 @@ class filesGET extends Route {
 		if (!id) return res.status(400).json({ message: 'Invalid file ID supplied' });
 
 		let file = await db.table('files').where({ id }).first();
-		const user = await db.table('users').where({ id: file.userId }).first();
+		const user = await db.table('users')
+			.select('id', 'username', 'enabled', 'createdAt', 'editedAt', 'apiKeyEditedAt', 'isAdmin')
+			.where({ id: file.userId })
+			.first();
 		file = Util.constructFilePublicLink(file);
 
 		// Additional relevant data
-- 
cgit v1.2.3


From c93ddb09008c45942544b13bbb03319c367f9cd8 Mon Sep 17 00:00:00 2001
From: Zephyrrus <krisztian1997@gmail.com>
Date: Sun, 19 Jul 2020 22:27:11 +0300
Subject: feat: Start working on a new album/tags/image info modal

---
 src/api/routes/admin/fileGET.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/api/routes/admin/fileGET.js')

diff --git a/src/api/routes/admin/fileGET.js b/src/api/routes/admin/fileGET.js
index 239b128..7e40659 100644
--- a/src/api/routes/admin/fileGET.js
+++ b/src/api/routes/admin/fileGET.js
@@ -3,7 +3,7 @@ const Util = require('../../utils/Util');
 
 class filesGET extends Route {
 	constructor() {
-		super('/file/:id', 'get', { adminOnly: true });
+		super('/admin/file/:id', 'get', { adminOnly: true });
 	}
 
 	async run(req, res, db) {
-- 
cgit v1.2.3


From 90001c2df56d58e69fd199a518ae7f3e4ed327fc Mon Sep 17 00:00:00 2001
From: Zephyrrus <krisztian1997@gmail.com>
Date: Thu, 24 Dec 2020 10:40:50 +0200
Subject: chore: remove trailing commas

---
 src/api/routes/admin/fileGET.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/api/routes/admin/fileGET.js')

diff --git a/src/api/routes/admin/fileGET.js b/src/api/routes/admin/fileGET.js
index 7e40659..9605da4 100644
--- a/src/api/routes/admin/fileGET.js
+++ b/src/api/routes/admin/fileGET.js
@@ -24,7 +24,7 @@ class filesGET extends Route {
 		return res.json({
 			message: 'Successfully retrieved file',
 			file,
-			user,
+			user
 		});
 	}
 }
-- 
cgit v1.2.3