From a0d60c05683d689249ee297ab49e273b7bec791f Mon Sep 17 00:00:00 2001
From: shockrah <alejandros714@protonmail.com>
Date: Tue, 11 May 2021 17:27:04 -0700
Subject: [PATCH] - Pointless permissions check /message/send handler Auth
 module literally does this for us see: auth::valid_perms

---
 json-api/src/messages.rs | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/json-api/src/messages.rs b/json-api/src/messages.rs
index 2fd53cd..e38e2dc 100644
--- a/json-api/src/messages.rs
+++ b/json-api/src/messages.rs
@@ -63,7 +63,6 @@ pub async fn send_message(pool: &Pool, response: &mut Response<Body>, body: Body
      * TODO: more features here because send_message is a large handler
     */
     use db::Response::*;
-    use db::Member;
 
     // NOTE: auth module guarantees that id will be present so the unwrap is safe
     let uid = qs_param!(params, "id", u64).unwrap();
@@ -77,21 +76,6 @@ pub async fn send_message(pool: &Pool, response: &mut Response<Body>, body: Body
         None => None
     };
 
-    let permissions = match Member::get(pool, uid).await {
-        Ok(dbresponse) => match dbresponse {
-            Row(user) => user.permissions,
-            _ => 0
-        },
-        Err(e) => {
-            eprintln!("[DB-SQL] {}",e );
-            0
-        }
-    };
-    if perms::has_perm(permissions, perms::SEND_MESSAGES) == false {
-        *response.status_mut() = StatusCode::BAD_REQUEST;
-        return;
-    }
-
     let channel_id = qs_param!(params, "channel_id", u64);
 
     // Black magic