Optimised user model permissible fn

no issue - reordered the checks - optimisation for 2e3876b477
2025-01-06 22:40:14 -05:00 · 2018-10-06 11:07:37 +02:00 · 2018-10-06 11:07:37 +02:00 · 71b33c8bff
commit 71b33c8bff
parent 2e3876b477
1 changed files with 10 additions and 10 deletions
--- a/core/server/models/user.js
+++ b/core/server/models/user.js
@ -671,7 +671,7 @@ User = ghostBookshelf.Model.extend({
            let role = unsafeAttrs.roles[0];
            let roleId = role.id || role;
            let editedUserId = userModel.id;
-            let contextRoleId = userModel.related('roles').toJSON()[0].id;
+            let contextRoleId = loadedPermissions.user.roles[0].id;

            if (roleId !== contextRoleId && editedUserId === context.user) {
                return Promise.reject(new common.errors.NoPermissionError({
@ -681,7 +681,7 @@ User = ghostBookshelf.Model.extend({

            return User.getOwnerUser()
                .then((owner) => {
-                    if (userModel.id === owner.id) {
+                    if (context.user === owner.id) {
                        if (hasUserPermission && hasAppPermission) {
                            return Promise.resolve();
                        }
@ -708,7 +708,8 @@ User = ghostBookshelf.Model.extend({
                                    message: common.i18n.t('errors.models.user.notEnoughPermission')
                                }));
                            });
-                    } else {
+                    }
+
                    if (hasUserPermission && hasAppPermission) {
                        return Promise.resolve();
                    }
@ -716,7 +717,6 @@ User = ghostBookshelf.Model.extend({
                    return Promise.reject(new common.errors.NoPermissionError({
                        message: common.i18n.t('errors.models.user.notEnoughPermission')
                    }));
-                    }
                });
        }