leaflet.pub
a tool for shared writing and social publishing
add check for ownership for standalone
awarm.space
+15
+15
actions/publishToPublication.ts
+15
actions/publishToPublication.ts
···
143
143
.single();
144
144
draft = data;
145
145
existingDocUri = draft?.document;
146
+
147
+
// If updating an existing document, verify the current user is the owner
148
+
if (existingDocUri) {
149
+
let docOwner = new AtUri(existingDocUri).host;
150
+
if (docOwner !== identity.atp_did) {
151
+
return {
152
+
success: false,
153
+
error: {
154
+
type: "oauth_session_expired" as const,
155
+
message: "Not the document owner",
156
+
did: identity.atp_did,
157
+
},
158
+
};
159
+
}
160
+
}
146
161
}
147
162
148
163
// Heuristic: Remove title entities if this is the first time publishing