Fix ModUser logic.

master
Philippe Pittoli 2023-06-12 20:54:04 +02:00
parent cb358ef1de
commit 3e807ad63e
1 changed files with 11 additions and 7 deletions

View File

@ -50,8 +50,8 @@ class AuthD::Request
AuthD.requests << AddUser AuthD.requests << AddUser
IPC::JSON.message ModUser, 5 do IPC::JSON.message ModUser, 5 do
property user : UserID property user : UserID | Nil = nil
property admin : Bool = false property admin : Bool? = nil
property password : String? = nil property password : String? = nil
property email : String? = nil property email : String? = nil
property phone : String? = nil property phone : String? = nil
@ -63,14 +63,18 @@ class AuthD::Request
logged_user = authd.get_logged_user_full? fd logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil? return Response::Error.new "you must be logged" if logged_user.nil?
user = authd.user? @user user = if u = @user
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
authd.user? u
else
logged_user
end
return Response::Error.new "user not found" if user.nil? return Response::Error.new "user not found" if user.nil?
# Only an admin can uprank someone. # Only an admin can uprank or downrank someone.
if @admin if admin = @admin
logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin) logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
else user.admin = admin
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
end end
@password.try do |s| @password.try do |s|