Summary: Only allow authorized users to set names. This excludes the anonymous user. Seems to be a narrow issue isolated to the `POST /api/profile/user/name` endpoint, other `profile` posts/deletes are already restricted to authorized users. Test Plan: added a test Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2574pull/4/head
parent
6b24d496db
commit
0e131c2546
Loading…
Reference in new issue