forked from jmug/stoatchat
fix: also consider role ranking on setting role perm
This commit is contained in:
@@ -22,13 +22,18 @@ pub async fn req(
|
|||||||
let data = data.into_inner();
|
let data = data.into_inner();
|
||||||
|
|
||||||
let mut server = target.as_server(db).await?;
|
let mut server = target.as_server(db).await?;
|
||||||
if let Some(current_value) = server.roles.get(&role_id).map(|x| x.permissions) {
|
if let Some((current_value, rank)) = server.roles.get(&role_id).map(|x| (x.permissions, x.rank))
|
||||||
|
{
|
||||||
let mut permissions = perms(&user).server(&server);
|
let mut permissions = perms(&user).server(&server);
|
||||||
|
|
||||||
permissions
|
permissions
|
||||||
.throw_permission(db, Permission::ManagePermissions)
|
.throw_permission(db, Permission::ManagePermissions)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
if rank <= permissions.get_member_rank().unwrap_or(i64::MIN) {
|
||||||
|
return Err(Error::NotElevated);
|
||||||
|
}
|
||||||
|
|
||||||
if !permissions
|
if !permissions
|
||||||
.has_permission_value(db, data.permissions.allows())
|
.has_permission_value(db, data.permissions.allows())
|
||||||
.await?
|
.await?
|
||||||
|
|||||||
Reference in New Issue
Block a user