fix delete token. only user tokens allowed
This commit is contained in:
parent
2f4a85f79b
commit
f5f0ea3c35
|
@ -99,7 +99,7 @@ class TokenDeleteView(DashboardView, DeleteView):
|
||||||
|
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
self.pk = kwargs['pk']
|
self.pk = kwargs['pk']
|
||||||
self.object = get_object_or_404(self.model, pk=self.pk)
|
self.object = get_object_or_404(self.model, pk=self.pk, owner=self.request.user)
|
||||||
self.object.delete()
|
self.object.delete()
|
||||||
|
|
||||||
return redirect('api:tokens')
|
return redirect('api:tokens')
|
||||||
|
|
Loading…
Reference in New Issue