From 07b3ea19a6ee820da9bf3b9ee5f9504e05f54356 Mon Sep 17 00:00:00 2001
From: Daniel Friesel <derf@finalrewind.org>
Date: Mon, 18 Mar 2019 18:47:52 +0100
Subject: [PATCH] never call get_user_data directly

---
 index.pl                          | 3 +++
 templates/account.html.ep         | 2 +-
 templates/layouts/default.html.ep | 2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/index.pl b/index.pl
index 95f42c80..1af79a46 100755
--- a/index.pl
+++ b/index.pl
@@ -677,6 +677,9 @@ helper 'get_user_token' => sub {
 	return;
 };
 
+# This helper should only be called directly when also providing a user ID.
+# If you don't have one, use current_user() instead (get_user_data will
+# delegate to it anyways).
 helper 'get_user_data' => sub {
 	my ( $self, $uid ) = @_;
 
diff --git a/templates/account.html.ep b/templates/account.html.ep
index bbd68504..49179616 100644
--- a/templates/account.html.ep
+++ b/templates/account.html.ep
@@ -1,5 +1,5 @@
 <h1>Account</h1>
-% my $acc = get_user_data();
+% my $acc = current_user();
 <div class="row">
 	<div class="col s12">
 		<table class="striped">
diff --git a/templates/layouts/default.html.ep b/templates/layouts/default.html.ep
index 588a83ca..8f5bdc24 100644
--- a/templates/layouts/default.html.ep
+++ b/templates/layouts/default.html.ep
@@ -34,7 +34,7 @@
 
 <div class="container">
 	% if (is_user_authenticated()) {
-		% my $acc = get_user_data();
+		% my $acc = current_user();
 		% if ($acc and $acc->{deletion_requested}) {
 			%= include '_deletion_note', timestamp => $acc->{deletion_requested}
 		% }
-- 
GitLab