feat(permissions): apply permissions on set channel routes

This commit is contained in:
Paul Makles
2022-02-23 17:51:36 +00:00
parent fcbaab7bcb
commit 0553ce5587
4 changed files with 60 additions and 45 deletions

View File

@@ -1,12 +1,12 @@
use rocket::serde::json::Json;
use serde::{Deserialize, Serialize};
use serde::Deserialize;
use revolt_quark::{
models::{Server, User},
perms, Db, Error, Override, Permission, Ref, Result,
};
#[derive(Serialize, Deserialize)]
#[derive(Deserialize)]
pub struct Data {
permissions: Override,
}
@@ -34,20 +34,10 @@ pub async fn req(
return Err(Error::NotElevated);
}
if !permissions
.has_permission_value(db, data.permissions.allows())
.await?
{
return Err(Error::CannotGiveMissingPermissions);
}
let current_value: Override = current_value.into();
if !permissions
.has_permission_value(db, current_value.denies() & (!data.permissions.denies()))
.await?
{
return Err(Error::CannotGiveMissingPermissions);
}
permissions
.throw_permission_override(db, current_value, data.permissions)
.await?;
server
.set_role_permission(db, &role_id, data.permissions.into())

View File

@@ -1,12 +1,12 @@
use rocket::serde::json::Json;
use serde::{Deserialize, Serialize};
use serde::Deserialize;
use revolt_quark::{
models::{server::PartialServer, Server, User},
perms, Db, Error, Permission, Ref, Result,
perms, Db, Permission, Ref, Result,
};
#[derive(Serialize, Deserialize)]
#[derive(Deserialize)]
pub struct Data {
permissions: u64,
}
@@ -22,12 +22,9 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json<Data>) -> Result<J
.throw_permission(db, Permission::ManagePermissions)
.await?;
if !permissions
.has_permission_value(db, data.permissions)
.await?
{
return Err(Error::CannotGiveMissingPermissions);
}
permissions
.throw_permission_value(db, data.permissions)
.await?;
server
.update(