Write proper user permission code.

This commit is contained in:
Paul Makles
2021-01-09 16:50:11 +00:00
parent bb3667a83b
commit 5e70ceea01
9 changed files with 59 additions and 55 deletions

View File

@@ -33,9 +33,7 @@ pub async fn req(user: User, username: String) -> Result<JsonValue> {
match get_relationship(
&user,
&Ref {
id: target_id.to_string(),
},
&target_id,
) {
RelationshipStatus::User => return Err(Error::NoEffect),
RelationshipStatus::Friend => return Err(Error::AlreadyFriends),

View File

@@ -10,7 +10,7 @@ use rocket_contrib::json::JsonValue;
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
let col = get_collection("users");
match get_relationship(&user, &target) {
match get_relationship(&user, &target.id) {
RelationshipStatus::User | RelationshipStatus::Blocked => Err(Error::NoEffect),
RelationshipStatus::BlockedOther => {
col.update_one(

View File

@@ -5,5 +5,5 @@ use rocket_contrib::json::JsonValue;
#[get("/<target>/relationship")]
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
Ok(json!({ "status": get_relationship(&user, &target) }))
Ok(json!({ "status": get_relationship(&user, &target.id) }))
}

View File

@@ -9,7 +9,7 @@ pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
if user.id != target.id {
// Check whether we are allowed to fetch this user.
let perm = crate::database::permissions::temp_calc_perm(&user, &target).await;
let perm = permissions::user::calculate(&user, &target.id).await;
if !perm.get_access() {
Err(Error::LabelMe)?
}

View File

@@ -11,7 +11,7 @@ use rocket_contrib::json::JsonValue;
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
let col = get_collection("users");
match get_relationship(&user, &target) {
match get_relationship(&user, &target.id) {
RelationshipStatus::Friend
| RelationshipStatus::Outgoing
| RelationshipStatus::Incoming => {

View File

@@ -11,9 +11,9 @@ use rocket_contrib::json::JsonValue;
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
let col = get_collection("users");
match get_relationship(&user, &target) {
match get_relationship(&user, &target.id) {
RelationshipStatus::Blocked => {
match get_relationship(&target.fetch_user().await?, &user.as_ref()) {
match get_relationship(&target.fetch_user().await?, &user.id) {
RelationshipStatus::Blocked => {
col.update_one(
doc! {