summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api/ApiCallService.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/server/api/ApiCallService.ts')
-rw-r--r--packages/backend/src/server/api/ApiCallService.ts8
1 files changed, 4 insertions, 4 deletions
diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts
index dcc9342a82..395a1c468a 100644
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@@ -225,7 +225,7 @@ export class ApiCallService implements OnApplicationShutdown {
}
// TODO: 毎リクエスト計算するのもあれだしキャッシュしたい
- const factor = user ? (await this.roleService.getUserRoleOptions(user.id)).rateLimitFactor : 1;
+ const factor = user ? (await this.roleService.getUserPolicies(user.id)).rateLimitFactor : 1;
// Rate limit
await this.rateLimiterService.limit(limit as IEndpointMeta['limit'] & { key: NonNullable<string> }, limitActor, factor).catch(err => {
@@ -274,9 +274,9 @@ export class ApiCallService implements OnApplicationShutdown {
}
}
- if (ep.meta.requireRoleOption != null && !user!.isRoot) {
- const myRole = await this.roleService.getUserRoleOptions(user!.id);
- if (!myRole[ep.meta.requireRoleOption]) {
+ if (ep.meta.requireRolePolicy != null && !user!.isRoot) {
+ const policies = await this.roleService.getUserPolicies(user!.id);
+ if (!policies[ep.meta.requireRolePolicy]) {
throw new ApiError({
message: 'You are not assigned to a required role.',
code: 'ROLE_PERMISSION_DENIED',
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 16:55:19 +0000