fix: show not found if not own post

Author: velopert

src/containers/write/ActiveEditor.tsx

@@ -20,6 +20,8 @@ import {
 } from '../../lib/graphql/post';
 import { safe } from '../../lib/utils';
 import PopupOKCancel from '../../components/common/PopupOKCancel';
+import { useUserId } from '../../lib/hooks/useUser';
+import NotFoundPage from '../../pages/NotFoundPage';
 
 export type ActiveEditorProps = {};
 
@@ -29,6 +31,7 @@ const ActiveEditor: React.FC<ActiveEditorProps> = () => {
   const postId = useSelector((state: RootState) => state.write.postId);
   const [askLoadTemp, setAskLoadTemp] = useState(false);
   const initialized = useRef(false);
+  const userId = useUserId();
 
   const dispatch = useDispatch();
   const location = useLocation();
@@ -128,6 +131,13 @@ const ActiveEditor: React.FC<ActiveEditorProps> = () => {
     // dispatch(setInitialBody(lastPostHistory.body));
   }, [dispatch, lastPostHistory, post]);
 
+  if (
+    (!readPostForEdit.loading && post === null) ||
+    (post && post.user.id !== userId)
+  ) {
+    return <NotFoundPage />;
+  }
+
   if (id && !post && !postId) return null;
 
   return (

src/lib/graphql/post.ts

@@ -341,6 +341,9 @@ export const READ_POST_FOR_EDIT = gql`
         id
         name
       }
+      user {
+        id
+      }
     }
   }
 `;
@@ -396,6 +399,9 @@ export type ReadPostForEditResponse = {
       name: string;
     } | null;
     updated_at: string;
+    user: {
+      id: string;
+    };
   };
 };