Penpot/penpot
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-01-08 07:50:43 -05:00
Code Issues Activity

🐛 Fix permission handling on team mutations.

Browse source
This commit is contained in:
Andrey Antukh 2021-02-01 09:46:17 +01:00 committed by Alonso Torres
parent 4afd9e75da
commit a397ab63f7
2 changed files with 12 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
backend/src/app/rpc/mutations/teams.clj
View file

@ -103,7 +103,7 @@
(let [perms (teams/check-read-permissions! conn profile-id id)
members (teams/retrieve-team-members conn id)]
(when (:is-owner perms)
(when (some :is-owner perms)
(ex/raise :type :validation
:code :owner-cant-leave-team
:hint "reasing owner before leave"))
@ -129,7 +129,7 @@
[{:keys [pool] :as cfg} {:keys [id profile-id] :as params}]
(db/with-atomic [conn pool]
(let [perms (teams/check-edition-permissions! conn profile-id id)]
(when-not (:is-owner perms)
(when-not (some :is-owner perms)
(ex/raise :type :validation
:code :only-owner-can-delete-team))
@ -298,7 +298,7 @@
:member-email (:email member email)
:member-id (:id member)})]
(when-not (:is-admin perms)
(when-not (some :is-admin perms)
(ex/raise :type :validation
:code :insufficient-permissions))

18
backend/src/app/rpc/permissions.clj
View file

@ -19,13 +19,14 @@
(us/assert fn? qfn)
(fn [& args]
(let [rows (apply qfn args)]
(when (or (empty? rows)
(not (or (some :can-edit rows)
(some :is-admin rows)
(some :is-owner rows))))
(if (or (empty? rows)
(not (or (some :can-edit rows)
(some :is-admin rows)
(some :is-owner rows))))
(ex/raise :type :not-found
:code :object-not-found
:hint "not found")))))
:hint "not found")
rows))))
(defn make-read-check-fn
"A simple factory for read permission check functions."
@ -33,8 +34,7 @@
(us/assert fn? qfn)
(fn [& args]
(let [rows (apply qfn args)]
(when-not (seq rows)
(if-not (seq rows)
(ex/raise :type :not-found
:code :object-not-found)))))
:code :object-not-found)
rows))))