mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-29 15:51:20 +00:00
Adding admin/mod checks for ban and comment removal.
This commit is contained in:
parent
3ae8e98f3c
commit
185105b031
6 changed files with 54 additions and 11 deletions
|
@ -4,7 +4,12 @@ use lemmy_api_common::{
|
|||
community::{BanFromCommunity, BanFromCommunityResponse},
|
||||
context::LemmyContext,
|
||||
send_activity::{ActivityChannel, SendActivityData},
|
||||
utils::{check_community_mod_action, check_expire_time, remove_user_data_in_community},
|
||||
utils::{
|
||||
check_community_mod_action,
|
||||
check_expire_time,
|
||||
check_is_higher_mod,
|
||||
remove_user_data_in_community,
|
||||
},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -44,6 +49,14 @@ pub async fn ban_from_community(
|
|||
)
|
||||
.await?;
|
||||
|
||||
check_is_higher_mod(
|
||||
&mut context.pool(),
|
||||
&local_user_view,
|
||||
data.community_id,
|
||||
&[data.person_id],
|
||||
)
|
||||
.await?;
|
||||
|
||||
if let Some(reason) = &data.reason {
|
||||
is_valid_body_field(reason, false)?;
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
person::{BanPerson, BanPersonResponse},
|
||||
send_activity::{ActivityChannel, SendActivityData},
|
||||
utils::{check_expire_time, is_admin, remove_user_data},
|
||||
utils::{check_expire_time, check_is_higher_admin, is_admin, remove_user_data},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -31,6 +31,9 @@ pub async fn ban_from_site(
|
|||
// Make sure user is an admin
|
||||
is_admin(&local_user_view)?;
|
||||
|
||||
// Also make sure you're a higher admin than the target
|
||||
check_is_higher_admin(&mut context.pool(), &local_user_view, &[data.person_id]).await?;
|
||||
|
||||
if let Some(reason) = &data.reason {
|
||||
is_valid_body_field(reason, false)?;
|
||||
}
|
||||
|
|
|
@ -178,6 +178,25 @@ pub async fn check_is_higher_admin(
|
|||
Ok(())
|
||||
}
|
||||
|
||||
/// Checks to make sure the acting admin is higher than the target admin.
|
||||
/// This needs to be done on admin removals, and all purge functions
|
||||
pub async fn check_is_higher_mod_or_admin(
|
||||
pool: &mut DbPool<'_>,
|
||||
local_user_view: &LocalUserView,
|
||||
community_id: CommunityId,
|
||||
target_person_ids: &[PersonId],
|
||||
) -> LemmyResult<()> {
|
||||
let higher_admin_check = check_is_higher_admin(pool, local_user_view, target_person_ids).await;
|
||||
let higher_mod_check =
|
||||
check_is_higher_mod(pool, local_user_view, community_id, target_person_ids).await;
|
||||
|
||||
if higher_mod_check.is_ok() || higher_admin_check.is_ok() {
|
||||
Ok(())
|
||||
} else {
|
||||
Err(LemmyErrorType::NotHigherMod)?
|
||||
}
|
||||
}
|
||||
|
||||
/// Marks a post as read for a given person.
|
||||
#[tracing::instrument(skip_all)]
|
||||
pub async fn mark_post_as_read(
|
||||
|
|
|
@ -5,7 +5,7 @@ use lemmy_api_common::{
|
|||
comment::{CommentResponse, RemoveComment},
|
||||
context::LemmyContext,
|
||||
send_activity::{ActivityChannel, SendActivityData},
|
||||
utils::check_community_mod_action,
|
||||
utils::{check_community_mod_action, check_is_higher_mod_or_admin},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -37,6 +37,14 @@ pub async fn remove_comment(
|
|||
)
|
||||
.await?;
|
||||
|
||||
check_is_higher_mod_or_admin(
|
||||
&mut context.pool(),
|
||||
&local_user_view,
|
||||
orig_comment.community.id,
|
||||
&[orig_comment.creator.id],
|
||||
)
|
||||
.await?;
|
||||
|
||||
// Don't allow removing or restoring comment which was deleted by user, as it would reveal
|
||||
// the comment text in mod log.
|
||||
if orig_comment.comment.deleted {
|
||||
|
|
|
@ -241,7 +241,7 @@ impl CommunityModerator {
|
|||
for_community_id: CommunityId,
|
||||
mod_person_id: PersonId,
|
||||
target_person_ids: &[PersonId],
|
||||
) -> Result<bool, Error> {
|
||||
) -> Result<(), Error> {
|
||||
let conn = &mut get_conn(pool).await?;
|
||||
|
||||
// Build the list of persons
|
||||
|
@ -259,7 +259,7 @@ impl CommunityModerator {
|
|||
|
||||
// If the first result sorted by published is the acting mod
|
||||
if res.person_id == mod_person_id {
|
||||
Ok(true)
|
||||
Ok(())
|
||||
} else {
|
||||
Err(diesel::result::Error::NotFound)
|
||||
}
|
||||
|
@ -554,8 +554,8 @@ mod tests {
|
|||
inserted_bobby.id,
|
||||
&moderator_person_ids,
|
||||
)
|
||||
.await?;
|
||||
assert!(bobby_higher_check);
|
||||
.await;
|
||||
assert!(bobby_higher_check.is_ok());
|
||||
|
||||
// This should throw an error, since artemis was added later
|
||||
let artemis_higher_check = CommunityModerator::is_higher_mod_check(
|
||||
|
|
|
@ -221,7 +221,7 @@ impl LocalUser {
|
|||
pool: &mut DbPool<'_>,
|
||||
admin_person_id: PersonId,
|
||||
target_person_ids: &[PersonId],
|
||||
) -> Result<bool, Error> {
|
||||
) -> Result<(), Error> {
|
||||
let conn = &mut get_conn(pool).await?;
|
||||
|
||||
// Build the list of persons
|
||||
|
@ -239,7 +239,7 @@ impl LocalUser {
|
|||
|
||||
// If the first result sorted by published is the acting mod
|
||||
if res.person_id == admin_person_id {
|
||||
Ok(true)
|
||||
Ok(())
|
||||
} else {
|
||||
Err(diesel::result::Error::NotFound)
|
||||
}
|
||||
|
@ -346,8 +346,8 @@ mod tests {
|
|||
|
||||
// Make sure fiona is marked as a higher admin than delores, and vice versa
|
||||
let fiona_higher_check =
|
||||
LocalUser::is_higher_admin_check(pool, inserted_fiona_person.id, &admin_person_ids).await?;
|
||||
assert!(fiona_higher_check);
|
||||
LocalUser::is_higher_admin_check(pool, inserted_fiona_person.id, &admin_person_ids).await;
|
||||
assert!(fiona_higher_check.is_ok());
|
||||
|
||||
// This should throw an error, since delores was added later
|
||||
let delores_higher_check =
|
||||
|
|
Loading…
Reference in a new issue