parent
25e98064b6
commit
9d7009c772
5 changed files with 25 additions and 12 deletions
|
@ -3,7 +3,7 @@ use actix_web::web::Data;
|
|||
use lemmy_api_common::{
|
||||
context::LemmyContext,
|
||||
site::{PurgeComment, PurgeItemResponse},
|
||||
utils::{get_local_user_view_from_jwt, is_admin},
|
||||
utils::{get_local_user_view_from_jwt, is_top_admin},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -28,8 +28,8 @@ impl Perform for PurgeComment {
|
|||
let local_user_view =
|
||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||
|
||||
// Only let admins purge an item
|
||||
is_admin(&local_user_view)?;
|
||||
// Only let the top admin purge an item
|
||||
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||
|
||||
let comment_id = data.comment_id;
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
request::purge_image_from_pictrs,
|
||||
site::{PurgeCommunity, PurgeItemResponse},
|
||||
utils::{get_local_user_view_from_jwt, is_admin, purge_image_posts_for_community},
|
||||
utils::{get_local_user_view_from_jwt, is_top_admin, purge_image_posts_for_community},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -29,8 +29,8 @@ impl Perform for PurgeCommunity {
|
|||
let local_user_view =
|
||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||
|
||||
// Only let admins purge an item
|
||||
is_admin(&local_user_view)?;
|
||||
// Only let the top admin purge an item
|
||||
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||
|
||||
let community_id = data.community_id;
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
request::purge_image_from_pictrs,
|
||||
site::{PurgeItemResponse, PurgePerson},
|
||||
utils::{get_local_user_view_from_jwt, is_admin, purge_image_posts_for_person},
|
||||
utils::{get_local_user_view_from_jwt, is_top_admin, purge_image_posts_for_person},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -29,8 +29,8 @@ impl Perform for PurgePerson {
|
|||
let local_user_view =
|
||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||
|
||||
// Only let admins purge an item
|
||||
is_admin(&local_user_view)?;
|
||||
// Only let the top admin purge an item
|
||||
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||
|
||||
// Read the person to get their images
|
||||
let person_id = data.person_id;
|
||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
|||
context::LemmyContext,
|
||||
request::purge_image_from_pictrs,
|
||||
site::{PurgeItemResponse, PurgePost},
|
||||
utils::{get_local_user_view_from_jwt, is_admin},
|
||||
utils::{get_local_user_view_from_jwt, is_top_admin},
|
||||
};
|
||||
use lemmy_db_schema::{
|
||||
source::{
|
||||
|
@ -29,8 +29,8 @@ impl Perform for PurgePost {
|
|||
let local_user_view =
|
||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||
|
||||
// Only let admins purge an item
|
||||
is_admin(&local_user_view)?;
|
||||
// Only let the top admin purge an item
|
||||
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||
|
||||
let post_id = data.post_id;
|
||||
|
||||
|
|
|
@ -30,6 +30,7 @@ use lemmy_db_views_actor::structs::{
|
|||
CommunityModeratorView,
|
||||
CommunityPersonBanView,
|
||||
CommunityView,
|
||||
PersonViewSafe,
|
||||
};
|
||||
use lemmy_utils::{
|
||||
claims::Claims,
|
||||
|
@ -60,6 +61,18 @@ pub async fn is_mod_or_admin(
|
|||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn is_top_admin(pool: &DbPool, person_id: PersonId) -> Result<(), LemmyError> {
|
||||
let admins = PersonViewSafe::admins(pool).await?;
|
||||
let top_admin = admins
|
||||
.get(0)
|
||||
.ok_or_else(|| LemmyError::from_message("no admins"))?;
|
||||
|
||||
if top_admin.person.id != person_id {
|
||||
return Err(LemmyError::from_message("not_top_admin"));
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn is_admin(local_user_view: &LocalUserView) -> Result<(), LemmyError> {
|
||||
if !local_user_view.person.admin {
|
||||
return Err(LemmyError::from_message("not_an_admin"));
|
||||
|
|
Loading…
Reference in a new issue