From a735cc35db129276c79b50c714c5d8b90de6048a Mon Sep 17 00:00:00 2001
From: Karchnu
Date: Sun, 22 Nov 2020 13:48:19 +0100
Subject: [PATCH] List: bugfix.
---
 src/requests/list.cr | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/requests/list.cr b/src/requests/list.cr
index 423ad76..edd05d1 100644
--- a/src/requests/list.cr
+++ b/src/requests/list.cr
@@ -11,9 +11,21 @@ class AuthD::Request
 @token.try do |token|
 user = authd.get_user_from_token token
- return Response::Error.new "unauthorized (user not found from token)"
+ return Response::Error.new "unauthorized (user not found from token)" unless user
- return Response::Error.new "unauthorized (user not in authd group)" unless user.permissions["authd"]?.try(&.["*"].>=(User::PermissionLevel::Read))
+ # Test if the user is a moderator.
+ if permissions = user.permissions["authd"]?
+ if rights = permissions["*"]?
+ if rights >= User::PermissionLevel::Read
+ else
+ raise AdminAuthorizationException.new "unauthorized (insufficient rights on '*')"
+ end
+ else
+ raise AdminAuthorizationException.new "unauthorized (no rights on '*')"
+ end
+ else
+ raise AdminAuthorizationException.new "unauthorized (user not in authd group)"
+ end
 end
 @key.try do |key|
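Review bot: The three permission failures now `raise AdminAuthorizationException` while the user-not-found check just above still does `return Response::Error.new`, so one authorization block has two failure paths and the hunk does not show where the exception is rescued; if nothing in the request dispatcher turns it into an error response, a denied list request would propagate out of the handler instead of producing a clean refusal. Either keep returning `Response::Error` here or confirm the rescue and say so in a comment. The empty `if rights >= User::PermissionLevel::Read` branch reads more clearly as a guard, `raise AdminAuthorizationException.new "unauthorized (insufficient rights on '*')" unless rights >= User::PermissionLevel::Read`, and the comment `# Test if the user is a moderator.` should state what is actually tested, e.g. `# Require at least Read on authd/'*'.`. The method starts before the hunk and continues past `@key.try do |key|`, so what happens when `@token` is nil (this whole check is then skipped) has to be verified in the code outside the hunk.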