summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api/endpoints/notes/delete.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/server/api/endpoints/notes/delete.ts')
-rw-r--r--packages/backend/src/server/api/endpoints/notes/delete.ts6
1 files changed, 4 insertions, 2 deletions
diff --git a/packages/backend/src/server/api/endpoints/notes/delete.ts b/packages/backend/src/server/api/endpoints/notes/delete.ts
index 3c6e7bf768..16c4c01387 100644
--- a/packages/backend/src/server/api/endpoints/notes/delete.ts
+++ b/packages/backend/src/server/api/endpoints/notes/delete.ts
@@ -4,8 +4,9 @@ import type { UsersRepository } from '@/models/index.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { NoteDeleteService } from '@/core/NoteDeleteService.js';
import { DI } from '@/di-symbols.js';
-import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js';
+import { RoleService } from '@/core/RoleService.js';
+import { ApiError } from '../../error.js';
export const meta = {
tags: ['notes'],
@@ -51,6 +52,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
private usersRepository: UsersRepository,
private getterService: GetterService,
+ private roleService: RoleService,
private noteDeleteService: NoteDeleteService,
) {
super(meta, paramDef, async (ps, me) => {
@@ -59,7 +61,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
throw err;
});
- if ((!me.isAdmin && !me.isModerator) && (note.userId !== me.id)) {
+ if (!await this.roleService.isModerator(me) && (note.userId !== me.id)) {
throw new ApiError(meta.errors.accessDenied);
}
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 13:23:53 +0000