blob: f886c87ea4f6362925b732693f25577a8d6ccf2e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.EnsurePrivilegedPlug do
@moduledoc """
Ensures staff are privileged enough to do certain tasks.
"""
import Pleroma.Web.TranslationHelpers
import Plug.Conn
alias Pleroma.Config
alias Pleroma.User
def init(options) do
options
end
def call(%{assigns: %{user: %User{is_admin: false, is_moderator: false}}} = conn, _) do
conn
|> render_error(:forbidden, "User isn't privileged.")
|> halt()
end
def call(
%{assigns: %{user: %User{is_admin: is_admin, is_moderator: is_moderator}}} = conn,
privilege
) do
if (is_admin and privilege in Config.get([:instance, :admin_privileges])) or
(is_moderator and privilege in Config.get([:instance, :moderator_privileges])) do
conn
else
conn
|> render_error(:forbidden, "User isn't privileged.")
|> halt()
end
end
def call(conn, _) do
conn
|> render_error(:forbidden, "User isn't privileged.")
|> halt()
end
end
|
