Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-01-02 05:40:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: #8827, do not require admin:users privilege to ban users

Browse Source
This commit is contained in:
Julian Lam
2020-11-05 10:22:07 -05:00
parent 540a32cfdd
commit 891a1ea2af
2 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/controllers/write/users.js
View File

@@ -59,13 +59,11 @@ Users.unfollow = async (req, res) => {
};
Users.ban = async (req, res) => {
await hasAdminPrivilege(req.uid, 'users');
await api.users.ban(req, { ...req.body, uid: req.params.uid });
helpers.formatApiResponse(200, res);
};
Users.unban = async (req, res) => {
await hasAdminPrivilege(req.uid, 'users');
await api.users.unban(req, { ...req.body, uid: req.params.uid });
helpers.formatApiResponse(200, res);
};

2
src/privileges/admin.js
View File

@@ -69,8 +69,6 @@ module.exports = function (privileges) {
'admin.user.loadGroups': 'admin:users',
'admin.groups.join': 'admin:users',
'admin.groups.leave': 'admin:users',
'user.banUsers': 'admin:users',
'user.unbanUsers': 'admin:users',
'admin.user.resetLockouts': 'admin:users',
'admin.user.validateEmail': 'admin:users',
'admin.user.sendValidationEmail': 'admin:users',