From 078765fe44de4b923f008595eafc8d16cb8c99f1 Mon Sep 17 00:00:00 2001 From: rubenwardy Date: Thu, 9 Jul 2020 05:47:26 +0100 Subject: [PATCH] Prevent users from reviewing their own packages --- app/blueprints/packages/reviews.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/blueprints/packages/reviews.py b/app/blueprints/packages/reviews.py index 74070fc..a7a1127 100644 --- a/app/blueprints/packages/reviews.py +++ b/app/blueprints/packages/reviews.py @@ -34,6 +34,10 @@ class ReviewForm(FlaskForm): @login_required @is_package_page def review(package): + if current_user in package.maintainers: + flash("You can't review your own package!", "danger") + return redirect(package.getDetailsURL()) + review = PackageReview.query.filter_by(package=package, author=current_user).first() form = ReviewForm(formdata=request.form, obj=review)