X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapi%2Fsrc%2Fsite%2Fpurge%2Fperson.rs;h=838b36070d364611f8344f6280beb261eb3b7ec5;hb=3471f3533cb724b2cf6953d563aadfcc9f66c1d2;hp=5273110ed89dcade56cb84a0b8c29abea264d7c0;hpb=3565ad984a0270c7dd29051a9ff6d15fc5a8ed47;p=lemmy.git

diff --git a/crates/api/src/site/purge/person.rs b/crates/api/src/site/purge/person.rs
index 5273110e..838b3607 100644
--- a/crates/api/src/site/purge/person.rs
+++ b/crates/api/src/site/purge/person.rs
@@ -4,7 +4,7 @@ use lemmy_api_common::{
   context::LemmyContext,
   request::purge_image_from_pictrs,
   site::{PurgeItemResponse, PurgePerson},
-  utils::{is_top_admin, local_user_view_from_jwt, purge_image_posts_for_person},
+  utils::{is_admin, local_user_view_from_jwt, purge_image_posts_for_person, sanitize_html_opt},
 };
 use lemmy_db_schema::{
   source::{
@@ -24,12 +24,12 @@ impl Perform for PurgePerson {
     let data: &Self = self;
     let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
 
-    // Only let the top admin purge an item
-    is_top_admin(context.pool(), local_user_view.person.id).await?;
+    // Only let admin purge an item
+    is_admin(&local_user_view)?;
 
     // Read the person to get their images
     let person_id = data.person_id;
-    let person = Person::read(context.pool(), person_id).await?;
+    let person = Person::read(&mut context.pool(), person_id).await?;
 
     if let Some(banner) = person.banner {
       purge_image_from_pictrs(context.client(), context.settings(), &banner)
@@ -45,22 +45,22 @@ impl Perform for PurgePerson {
 
     purge_image_posts_for_person(
       person_id,
-      context.pool(),
+      &mut context.pool(),
       context.settings(),
       context.client(),
     )
     .await?;
 
-    Person::delete(context.pool(), person_id).await?;
+    Person::delete(&mut context.pool(), person_id).await?;
 
     // Mod tables
-    let reason = data.reason.clone();
+    let reason = sanitize_html_opt(&data.reason);
     let form = AdminPurgePersonForm {
       admin_person_id: local_user_view.person.id,
       reason,
     };
 
-    AdminPurgePerson::create(context.pool(), &form).await?;
+    AdminPurgePerson::create(&mut context.pool(), &form).await?;
 
     Ok(PurgeItemResponse { success: true })
   }