Include group members in payload.
This commit is contained in:
@@ -9,7 +9,8 @@ pub async fn req(user: User, target: Ref) -> Result<()> {
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -13,7 +13,8 @@ pub async fn req(user: User, target: Ref, member: Ref) -> Result<()> {
|
||||
let channel = target.fetch_channel().await?;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ pub async fn req(user: User, target: Ref, msg: Ref) -> Result<()> {
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -21,7 +21,8 @@ pub async fn req(user: User, target: Ref, msg: Ref, edit: Json<Data>) -> Result<
|
||||
let channel = target.fetch_channel().await?;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ pub async fn req(user: User, target: Ref, msg: Ref) -> Result<JsonValue> {
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -31,7 +31,8 @@ pub async fn req(user: User, target: Ref, options: Form<Options>) -> Result<Json
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -26,7 +26,8 @@ pub async fn req(user: User, target: Ref, message: Json<Data>) -> Result<JsonVal
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
.for_channel()
|
||||
.await?;
|
||||
if !perm.get_send_message() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use crate::database::*;
|
||||
use crate::util::result::{Error, Result};
|
||||
use crate::{database::*, notifications::websocket::is_online};
|
||||
|
||||
use rocket_contrib::json::JsonValue;
|
||||
|
||||
@@ -7,19 +7,16 @@ use rocket_contrib::json::JsonValue;
|
||||
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
|
||||
let mut target = target.fetch_user().await?;
|
||||
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_user(&target)
|
||||
.for_user_given()
|
||||
.await?;
|
||||
|
||||
if !perm.get_access() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
if user.id != target.id {
|
||||
// Check whether we are allowed to fetch this user.
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_user(&target)
|
||||
.for_user_given().await?;
|
||||
if !perm.get_access() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
// Only return user relationships if the target is the caller.
|
||||
target.relations = None;
|
||||
|
||||
// Add relevant relationship
|
||||
if let Some(relationships) = &user.relations {
|
||||
target.relationship = relationships
|
||||
.iter()
|
||||
@@ -33,7 +30,5 @@ pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
|
||||
target.relationship = Some(RelationshipStatus::User);
|
||||
}
|
||||
|
||||
target.online = Some(is_online(&target.id));
|
||||
|
||||
Ok(json!(target))
|
||||
Ok(json!(target.with(perm)))
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user