Fix ModUser logic.

This commit is contained in:
Philippe Pittoli 2023-06-12 20:54:04 +02:00
parent cb358ef1de
commit 3e807ad63e

View File

@ -50,8 +50,8 @@ class AuthD::Request
AuthD.requests << AddUser
IPC::JSON.message ModUser, 5 do
property user : UserID
property admin : Bool = false
property user : UserID | Nil = nil
property admin : Bool? = nil
property password : String? = nil
property email : String? = nil
property phone : String? = nil
@ -63,14 +63,18 @@ class AuthD::Request
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
user = authd.user? @user
user = if u = @user
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
authd.user? u
else
logged_user
end
return Response::Error.new "user not found" if user.nil?
# Only an admin can uprank someone.
if @admin
# Only an admin can uprank or downrank someone.
if admin = @admin
logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
else
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
user.admin = admin
end
@password.try do |s|