X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapi%2Fsrc%2Fsite%2Fpurge%2Fcomment.rs;h=bfaf9cbb0772e9614fe33cd163828a2af35f895a;hb=3471f3533cb724b2cf6953d563aadfcc9f66c1d2;hp=f4ba4509740cbdaa5ee88729370bdb4a4b333efb;hpb=a5707328cff0133373491ef8e8908faeefacfa30;p=lemmy.git

diff --git a/crates/api/src/site/purge/comment.rs b/crates/api/src/site/purge/comment.rs
index f4ba4509..bfaf9cbb 100644
--- a/crates/api/src/site/purge/comment.rs
+++ b/crates/api/src/site/purge/comment.rs
@@ -3,7 +3,7 @@ use actix_web::web::Data;
 use lemmy_api_common::{
   context::LemmyContext,
   site::{PurgeComment, PurgeItemResponse},
-  utils::{is_top_admin, local_user_view_from_jwt},
+  utils::{is_admin, local_user_view_from_jwt, sanitize_html_opt},
 };
 use lemmy_db_schema::{
   source::{
@@ -12,44 +12,40 @@ use lemmy_db_schema::{
   },
   traits::Crud,
 };
-use lemmy_utils::{error::LemmyError, ConnectionId};
+use lemmy_utils::error::LemmyError;
 
 #[async_trait::async_trait(?Send)]
 impl Perform for PurgeComment {
   type Response = PurgeItemResponse;
 
-  #[tracing::instrument(skip(context, _websocket_id))]
-  async fn perform(
-    &self,
-    context: &Data<LemmyContext>,
-    _websocket_id: Option<ConnectionId>,
-  ) -> Result<Self::Response, LemmyError> {
+  #[tracing::instrument(skip(context))]
+  async fn perform(&self, context: &Data<LemmyContext>) -> Result<Self::Response, LemmyError> {
     let data: &Self = self;
     let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
 
-    // Only let the top admin purge an item
-    is_top_admin(context.pool(), local_user_view.person.id).await?;
+    // Only let admin purge an item
+    is_admin(&local_user_view)?;
 
     let comment_id = data.comment_id;
 
     // Read the comment to get the post_id
-    let comment = Comment::read(context.pool(), comment_id).await?;
+    let comment = Comment::read(&mut context.pool(), comment_id).await?;
 
     let post_id = comment.post_id;
 
     // TODO read comments for pictrs images and purge them
 
-    Comment::delete(context.pool(), comment_id).await?;
+    Comment::delete(&mut context.pool(), comment_id).await?;
 
     // Mod tables
-    let reason = data.reason.clone();
+    let reason = sanitize_html_opt(&data.reason);
     let form = AdminPurgeCommentForm {
       admin_person_id: local_user_view.person.id,
       reason,
       post_id,
     };
 
-    AdminPurgeComment::create(context.pool(), &form).await?;
+    AdminPurgeComment::create(&mut context.pool(), &form).await?;
 
     Ok(PurgeItemResponse { success: true })
   }