mirror of
https://github.com/matrix-org/matrix-hookshot.git
synced 2025-03-10 21:19:13 +00:00
Fix hookshot showing connections as editable when the user has no permission (#660)
* Fix getConnectionsForRequest reporting canEdit=true if the user has the default or greater PL * changelog
This commit is contained in:
Will Hunt
GitHub
parent
7575f93f67
commit
d602c895f3
1
changelog.d/660.bugfix
Normal file
1
changelog.d/660.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix Hookshot presenting room connections as editable if the user has a default-or-greater power levels. This was only a presentation bug, power levels were and are proeprly checked at creation/edit time.
|
||||||
@ -115,7 +115,6 @@ export class BridgeWidgetApi {
|
|||||||
// If we have a service filter.
|
// If we have a service filter.
|
||||||
.filter(c => typeof serviceFilter !== "string" || c?.service === serviceFilter) as GetConnectionsResponseItem[];
|
.filter(c => typeof serviceFilter !== "string" || c?.service === serviceFilter) as GetConnectionsResponseItem[];
|
||||||
const userPl = powerlevel.content.users?.[req.userId] || powerlevel.defaultUserLevel;
|
const userPl = powerlevel.content.users?.[req.userId] || powerlevel.defaultUserLevel;
|
||||||
|
|
||||||
for (const c of connections) {
|
for (const c of connections) {
|
||||||
const requiredPl = Math.max(powerlevel.content.events?.[c.type] || 0, powerlevel.defaultStateEventLevel);
|
const requiredPl = Math.max(powerlevel.content.events?.[c.type] || 0, powerlevel.defaultStateEventLevel);
|
||||||
c.canEdit = userPl >= requiredPl;
|
c.canEdit = userPl >= requiredPl;
|
||||||
@ -126,7 +125,7 @@ export class BridgeWidgetApi {
|
|||||||
|
|
||||||
return {
|
return {
|
||||||
connections,
|
connections,
|
||||||
canEdit: userPl >= powerlevel.defaultUserLevel
|
canEdit: userPl >= powerlevel.defaultStateEventLevel,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user