diff options
| author | syuilo <Syuilotan@yahoo.co.jp> | 2023-01-12 21:02:26 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-12 21:02:26 +0900 |
| commit | 2470afaa2e200fb2fc748e0f8eef5e2c215369b6 (patch) | |
| tree | c270452679996127a9d15c4ba5f97b39bb9ba560 /packages/backend/src/server/web/ClientServerService.ts | |
| parent | Update CHANGELOG.md (diff) | |
| download | sharkey-2470afaa2e200fb2fc748e0f8eef5e2c215369b6.tar.gz sharkey-2470afaa2e200fb2fc748e0f8eef5e2c215369b6.tar.bz2 sharkey-2470afaa2e200fb2fc748e0f8eef5e2c215369b6.zip | |
Role (#9437)
* wip
* Update CHANGELOG.md
* wip
* wip
* wip
* Update create.ts
* wip
* wip
* Update CHANGELOG.md
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* Update CHANGELOG.md
* wip
* wip
* Update delete.ts
* Update delete.ts
* wip
* wip
* wip
* Update account-info.vue
* wip
* wip
* Update settings.vue
* Update user-info.vue
* wip
* Update show-file.ts
* Update show-user.ts
* wip
* wip
* Update delete.ts
* wip
* wip
* Update overview.moderators.vue
* Create 1673500412259-Role.js
* wip
* wip
* Update roles.vue
* 色
* Update roles.vue
* integrate silence
* wip
* wip
Diffstat (limited to 'packages/backend/src/server/web/ClientServerService.ts')
| -rw-r--r-- | packages/backend/src/server/web/ClientServerService.ts | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts index 5c29224019..2a764a25b0 100644 --- a/packages/backend/src/server/web/ClientServerService.ts +++ b/packages/backend/src/server/web/ClientServerService.ts @@ -29,6 +29,7 @@ import type { ChannelsRepository, ClipsRepository, EmojisRepository, FlashsRepos import { deepClone } from '@/misc/clone.js'; import { bindThis } from '@/decorators.js'; import { FlashEntityService } from '@/core/entities/FlashEntityService.js'; +import { RoleService } from '@/core/RoleService.js'; import manifest from './manifest.json' assert { type: 'json' }; import { FeedService } from './FeedService.js'; import { UrlPreviewService } from './UrlPreviewService.js'; @@ -83,6 +84,7 @@ export class ClientServerService { private metaService: MetaService, private urlPreviewService: UrlPreviewService, private feedService: FeedService, + private roleService: RoleService, @Inject('queue:system') public systemQueue: SystemQueue, @Inject('queue:endedPollNotification') public endedPollNotificationQueue: EndedPollNotificationQueue, @@ -125,7 +127,12 @@ export class ClientServerService { throw new Error('login required'); } const user = await this.usersRepository.findOneBy({ token }); - if (user == null || !(user.isAdmin || user.isModerator)) { + if (user == null) { + reply.code(403); + throw new Error('no such user'); + } + const isAdministrator = await this.roleService.isAdministrator(user); + if (!isAdministrator) { reply.code(403); throw new Error('access denied'); } |