ami/tl-vikunja
1
0
Fork 0
Code Activity

Make sure to require admin rights when modifying list/namespace users to be consistent with teams

Browse Source 
Signed-off-by: kolaente <k@knt.li>
This commit is contained in:
kolaente
2020-08-12 18:20:47 +02:00
parent 5e84ce639f
commit 4a70c81b33
4 changed files with 12 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/models/list_users_rights.go
View File

@ -43,5 +43,5 @@ func (lu *ListUser) canDoListUser(a web.Auth) (bool, error) {
// Get the list and check if the user has write access on it
l := List{ID: lu.ListID}
return l.CanWrite(a)
return l.IsAdmin(a)
}

14
pkg/models/namespace_users_rights.go
View File

@ -22,18 +22,20 @@ import (
// CanCreate checks if the user can create a new user <-> namespace relation
func (nu *NamespaceUser) CanCreate(a web.Auth) (bool, error) {
n := &Namespace{ID: nu.NamespaceID}
return n.CanWrite(a)
return nu.canDoNamespaceUser(a)
}
// CanDelete checks if the user can delete a user <-> namespace relation
func (nu *NamespaceUser) CanDelete(a web.Auth) (bool, error) {
n := &Namespace{ID: nu.NamespaceID}
return n.CanWrite(a)
return nu.canDoNamespaceUser(a)
}
// CanUpdate checks if the user can update a user <-> namespace relation
func (nu *NamespaceUser) CanUpdate(a web.Auth) (bool, error) {
n := &Namespace{ID: nu.NamespaceID}
return n.CanWrite(a)
return nu.canDoNamespaceUser(a)
}
func (nu *NamespaceUser) canDoNamespaceUser(a web.Auth) (bool, error) {
n := &Namespace{ID: nu.NamespaceID}
return n.IsAdmin(a)
}