Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: #7240

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2019-02-05 15:27:41 -05:00
parent cd1209906d
commit a2f08e7da2
1 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/socket.io/groups.js
View File

@@ -325,13 +325,9 @@ SocketGroups.cover.update = function (socket, data, callback) {
async.waterfall([ async.waterfall([
function (next) { function (next) {
groups.ownership.isOwner(socket.uid, data.groupName, next); canModifyGroup(socket.uid, data.groupName, next);
}, },
function (isOwner, next) { function (next) {
if (!isOwner) {
return next(new Error('[[error:no-privileges]]'));
}
groups.updateCover(socket.uid, data, next); groups.updateCover(socket.uid, data, next);
}, },
], callback); ], callback);
@@ -344,14 +340,27 @@ SocketGroups.cover.remove = function (socket, data, callback) {
async.waterfall([ async.waterfall([
function (next) { function (next) {
groups.ownership.isOwner(socket.uid, data.groupName, next); canModifyGroup(socket.uid, data.groupName, next);
}, },
function (isOwner, next) { function (next) {
if (!isOwner) {
return next(new Error('[[error:no-privileges]]'));
}
groups.removeCover(data, next); groups.removeCover(data, next);
}, },
], callback); ], callback);
}; };
function canModifyGroup(uid, groupName, callback) {
async.waterfall([
function (next) {
async.parallel({
isOwner: async.apply(groups.ownership.isOwner, uid, groupName),
isAdminOrGlobalMod: async.apply(user.isAdminOrGlobalMod, uid),
}, next);
},
function (results, next) {
if (!results.isOwner && !results.isAdminOrGlobalMod) {
return next(new Error('[[error:no-privileges]]'));
}
next();
},
], callback);
}