Re-structure Permissions; add perm to view users from mutual groups.
This commit is contained in:
@@ -7,7 +7,9 @@ use mongodb::bson::doc;
|
||||
pub async fn req(user: User, target: Ref) -> Result<()> {
|
||||
let target = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &target).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -7,7 +7,9 @@ use rocket_contrib::json::JsonValue;
|
||||
pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
|
||||
let target = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &target).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -11,8 +11,9 @@ pub async fn req(user: User, target: Ref, member: Ref) -> Result<()> {
|
||||
}
|
||||
|
||||
let channel = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &channel).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -7,7 +7,9 @@ use mongodb::bson::doc;
|
||||
pub async fn req(user: User, target: Ref, msg: Ref) -> Result<()> {
|
||||
let channel = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &channel).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -19,8 +19,9 @@ pub async fn req(user: User, target: Ref, msg: Ref, edit: Json<Data>) -> Result<
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let channel = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &channel).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -7,7 +7,9 @@ use rocket_contrib::json::JsonValue;
|
||||
pub async fn req(user: User, target: Ref, msg: Ref) -> Result<JsonValue> {
|
||||
let channel = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &channel).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&channel)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -29,7 +29,9 @@ pub async fn req(user: User, target: Ref, options: Form<Options>) -> Result<Json
|
||||
|
||||
let target = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &target).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
if !perm.get_view() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -24,7 +24,9 @@ pub async fn req(user: User, target: Ref, message: Json<Data>) -> Result<JsonVal
|
||||
|
||||
let target = target.fetch_channel().await?;
|
||||
|
||||
let perm = permissions::channel::calculate(&user, &target).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_channel(&target)
|
||||
.for_channel().await?;
|
||||
if !perm.get_send_message() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
@@ -9,7 +9,9 @@ pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
|
||||
|
||||
if user.id != target.id {
|
||||
// Check whether we are allowed to fetch this user.
|
||||
let perm = permissions::user::calculate(&user, &target.id).await;
|
||||
let perm = permissions::PermissionCalculator::new(&user)
|
||||
.with_user(&target)
|
||||
.for_user_given().await?;
|
||||
if !perm.get_access() {
|
||||
Err(Error::LabelMe)?
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user