shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Pointless permissions check /message/send handler

Browse Source 
Auth module literally does this for us see: auth::valid_perms
This commit is contained in:
shockrah 2021-05-11 17:27:04 -07:00
parent a941165ea5
commit a0d60c0568
1 changed files with 0 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
json-api/src/messages.rs
View File

@ -63,7 +63,6 @@ pub async fn send_message(pool: &Pool, response: &mut Response<Body>, body: Body
* TODO: more features here because send_message is a large handler
*/
use db::Response::*;
use db::Member;
// NOTE: auth module guarantees that id will be present so the unwrap is safe
let uid = qs_param!(params, "id", u64).unwrap();
@ -77,21 +76,6 @@ pub async fn send_message(pool: &Pool, response: &mut Response<Body>, body: Body
None => None
};
let permissions = match Member::get(pool, uid).await {
Ok(dbresponse) => match dbresponse {
Row(user) => user.permissions,
_ => 0
},
Err(e) => {
eprintln!("[DB-SQL] {}",e );
0
}
};
if perms::has_perm(permissions, perms::SEND_MESSAGES) == false {
*response.status_mut() = StatusCode::BAD_REQUEST;
return;
}
let channel_id = qs_param!(params, "channel_id", u64);
// Black magic