Baguette/authd
3
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

List: bugfix.

Browse Source
This commit is contained in:
Karchnu 2020-11-22 13:48:19 +01:00
parent db827359ee
commit a735cc35db
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/requests/list.cr
View File

@ -11,9 +11,21 @@ class AuthD::Request
@token.try do |token| @token.try do |token|
user = authd.get_user_from_token token user = authd.get_user_from_token token
return Response::Error.new "unauthorized (user not found from token)" return Response::Error.new "unauthorized (user not found from token)" unless user
return Response::Error.new "unauthorized (user not in authd group)" unless user.permissions["authd"]?.try(&.["*"].>=(User::PermissionLevel::Read)) # Test if the user is a moderator.
if permissions = user.permissions["authd"]?
if rights = permissions["*"]?
if rights >= User::PermissionLevel::Read
else
raise AdminAuthorizationException.new "unauthorized (insufficient rights on '*')"
end
else
raise AdminAuthorizationException.new "unauthorized (no rights on '*')"
end
else
raise AdminAuthorizationException.new "unauthorized (user not in authd group)"
end
end end
@key.try do |key| @key.try do |key|