summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Gleason <alex@alexgleason.me>2021-12-27 17:18:26 -0600
committerAlex Gleason <alex@alexgleason.me>2021-12-27 17:18:26 -0600
commit138f5a4517b7035597a4622a0dc293b6dec7a372 (patch)
tree95f0a9c317ffb56f402d951b680deed211530cd5
parent264f0fde1b9f0cbaf7679eeb59938eb9ca653779 (diff)
EnsureStaffPrivilegedPlug: don't let non-moderators through
-rw-r--r--lib/pleroma/web/plugs/ensure_staff_privileged_plug.ex11
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/pleroma/web/plugs/ensure_staff_privileged_plug.ex b/lib/pleroma/web/plugs/ensure_staff_privileged_plug.ex
index fe0a11dec..c6ed45635 100644
--- a/lib/pleroma/web/plugs/ensure_staff_privileged_plug.ex
+++ b/lib/pleroma/web/plugs/ensure_staff_privileged_plug.ex
@@ -4,9 +4,8 @@
defmodule Pleroma.Web.Plugs.EnsureStaffPrivilegedPlug do
@moduledoc """
- Ensures if staff are privileged enough to do certain tasks
+ Ensures staff are privileged enough to do certain tasks.
"""
-
import Pleroma.Web.TranslationHelpers
import Plug.Conn
@@ -19,7 +18,7 @@ defmodule Pleroma.Web.Plugs.EnsureStaffPrivilegedPlug do
def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _), do: conn
- def call(conn, _) do
+ def call(%{assigns: %{user: %User{is_moderator: true}}} = conn, _) do
if Config.get!([:instance, :privileged_staff]) do
conn
else
@@ -28,4 +27,10 @@ defmodule Pleroma.Web.Plugs.EnsureStaffPrivilegedPlug do
|> halt()
end
end
+
+ def call(conn, _) do
+ conn
+ |> render_error(:forbidden, "User is not a staff member.")
+ |> halt()
+ end
end