fix: update permissions for accounts routes to ManageAccounts

This commit is contained in:
ispik
2026-04-12 14:12:15 +03:00
parent 1bb12b416a
commit 01e0c30596
2 changed files with 8 additions and 8 deletions

View File

@@ -289,7 +289,7 @@ auto_derived! {
ManageNotes = 15, ManageNotes = 15,
Discover = 16, Discover = 16,
AccountDisable = 17, ManageAccounts = 17,
} }
pub enum AdminAuditItemActions { pub enum AdminAuditItemActions {
@@ -322,7 +322,7 @@ auto_derived! {
ServerUnbanMember, ServerUnbanMember,
// Accounts // Accounts
AccountDisable ManageAccounts
} }
// Joiner payloads // Joiner payloads
@@ -370,7 +370,7 @@ impl AdminAuditItemActions {
AdminAuditItemActions::ServerBanMember => true, AdminAuditItemActions::ServerBanMember => true,
AdminAuditItemActions::ServerUnbanMember => true, AdminAuditItemActions::ServerUnbanMember => true,
AdminAuditItemActions::ServerFetchMembers => false, AdminAuditItemActions::ServerFetchMembers => false,
AdminAuditItemActions::AccountDisable => true, AdminAuditItemActions::ManageAccounts => true,
} }
} }
} }

View File

@@ -9,7 +9,7 @@ use rocket::serde::json::Json;
use rocket::State; use rocket::State;
use rocket_empty::EmptyResponse; use rocket_empty::EmptyResponse;
/// Disable an account. Requires AccountDisable permissions /// Disable an account. Requires ManageAccounts permissions
#[openapi(tag = "Admin")] #[openapi(tag = "Admin")]
#[post("/accounts/disable/<id>?<case>")] #[post("/accounts/disable/<id>?<case>")]
pub async fn admin_account_disable( pub async fn admin_account_disable(
@@ -19,9 +19,9 @@ pub async fn admin_account_disable(
case: Option<&str>, case: Option<&str>,
) -> Result<EmptyResponse> { ) -> Result<EmptyResponse> {
let user = flatten_authorized_user(&auth); let user = flatten_authorized_user(&auth);
if !user_has_permission(user, v0::AdminUserPermissionFlags::AccountDisable) { if !user_has_permission(user, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(MissingPermission { return Err(create_error!(MissingPermission {
permission: "AccountDisable".to_string() permission: "ManageAccounts".to_string()
})); }));
} }
@@ -34,7 +34,7 @@ pub async fn admin_account_disable(
let admin = db.admin_user_fetch(&target.id).await.ok(); let admin = db.admin_user_fetch(&target.id).await.ok();
if let Some(admin) = admin { if let Some(admin) = admin {
if user_has_permission(&admin, v0::AdminUserPermissionFlags::AccountDisable) { if user_has_permission(&admin, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(PrivilegedAccount)); return Err(create_error!(PrivilegedAccount));
} }
} }
@@ -42,7 +42,7 @@ pub async fn admin_account_disable(
create_audit_action( create_audit_action(
db, db,
&user.id, &user.id,
v0::AdminAuditItemActions::AccountDisable, v0::AdminAuditItemActions::ManageAccounts,
case, case,
Some(id.id), Some(id.id),
None, None,