DeforaNetworks/corteza
3
0
Fork 0
Code Activity

Fix permission check for message filtering and make it conditional

Browse Source
This commit is contained in:
Denis Arh
2019-03-12 18:10:11 +01:00
parent e352f065c3
commit a6f02008fe
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
messaging/service/message.go
View File

@@ -97,7 +97,7 @@ func (svc *message) With(ctx context.Context) MessageService {
func (svc *message) Find(filter *types.MessageFilter) (mm types.MessageSet, err error) {
filter.CurrentUserID = auth.GetIdentityFromContext(svc.ctx).Identity()
if !svc.prm.CanReadChannelByID(filter.ChannelID) {
if filter.ChannelID > 0 && !svc.prm.CanReadChannelByID(filter.ChannelID) {
return nil, errors.New("not allowed to access channel")
}
@@ -112,7 +112,7 @@ func (svc *message) Find(filter *types.MessageFilter) (mm types.MessageSet, err
func (svc *message) FindThreads(filter *types.MessageFilter) (mm types.MessageSet, err error) {
filter.CurrentUserID = auth.GetIdentityFromContext(svc.ctx).Identity()
if !svc.prm.CanReadChannelByID(filter.ChannelID) {
if filter.ChannelID > 0 && !svc.prm.CanReadChannelByID(filter.ChannelID) {
return nil, errors.New("not allowed to access channel")
}