From b4e1b912ce881b3131061e8cccf8cb7a262390cd Mon Sep 17 00:00:00 2001
From: Conrad Hoffmann
Date: Mon, 11 Dec 2023 21:36:21 +0100
Subject: [PATCH] Only allow resubmission of accessible jobs
---
 buildsrht/blueprints/jobs.py | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/buildsrht/blueprints/jobs.py b/buildsrht/blueprints/jobs.py
index c1b47f0..9b57136 100644
--- a/buildsrht/blueprints/jobs.py
+++ b/buildsrht/blueprints/jobs.py
@@ -242,6 +242,8 @@ def resubmit_GET(job_id):
 job = Job.query.filter(Job.id == job_id).one_or_none()
 if not job:
 abort(404)
+ if not get_access(job):
+ abort(404)
 session["manifest"] = job.manifest
 if isinstance(job.note, str) and len(job.note.splitlines()) == 1:
 note = addsuffix(job.note, "(resubmitted)")
-- 
2.38.5
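Review bot: The new `get_access(job)` guard in `resubmit_GET` has no comment explaining why an inaccessible job is answered with 404 rather than 403, and the diffstat shows only `jobs.py` changed, so the commit adds no regression test for the authorization check. I would put `# 404, not 403: do not reveal that a job with this id exists to a user who cannot see it` above the check (presumably that is the intent; confirm), and add a test that requests this route for a job the current user cannot access and expects 404 with `session["manifest"]` left unset. The two guards could also be folded into `if not job or not get_access(job): abort(404)`, which keeps the not-found and not-authorized paths visibly identical. `get_access` is defined outside the hunk, so whether it distinguishes read from write access, and whether read access alone should permit copying `job.manifest` into the session, cannot be confirmed from here; the function body also continues past the hunk's last line.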