Restrict injury logging to player's team GMs only

Security fix: Remove user_id from ConfirmationView so only the player's team GM(s) can click "Log Injury" button. Anyone can still run /injury roll to see the result, but only authorized GMs can record it. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-19 00:13:42 -06:00 · 2025-12-19 00:13:42 -06:00 · 466c8985cb
commit 466c8985cb
parent 62541ac750
2 changed files with 2 additions and 2 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-2.25.0
+2.25.1
--- a/commands/injuries/management.py
+++ b/commands/injuries/management.py
@ -205,8 +205,8 @@ class InjuryGroup(app_commands.Group):
                injury_callback = batter_confirm_callback

            # Create confirmation view with appropriate callback
+            # Only the player's team GM(s) can log the injury
            view = ConfirmationView(
-                user_id=interaction.user.id,
                timeout=180.0,  # 3 minutes for confirmation
                responders=[player.team.gmid, player.team.gmid2] if player.team else None,
                confirm_callback=injury_callback,
 @ -1 +1 @@
 .25.0
 .25.1