misty.cafe/mistykey
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

pass access token through API to enforce rank

Browse source
This commit is contained in:
Hazelnoot 2025-06-21 12:40:37 -04:00
parent fae87e03c0
commit 186c615e3f
166 changed files with 473 additions and 380 deletions
Download patch file Download diff file Expand all files Collapse all files

7
packages/backend/src/core/RoleService.ts
View file

@ -8,6 +8,7 @@ import * as Redis from 'ioredis';
import { In } from 'typeorm';
import { ModuleRef } from '@nestjs/core';
import type {
MiAccessToken,
MiMeta,
MiRole,
MiRoleAssignment,
@ -512,14 +513,16 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
}
@bindThis
public async isModerator(user: { id: MiUser['id'] } | null): Promise<boolean> {
public async isModerator(user: { id: MiUser['id'] } | null, token?: MiAccessToken | null): Promise<boolean> {
if (user == null) return false;
if (token?.rank != null && token.rank !== 'admin' && token.rank !== 'mod') return false;
return (this.meta.rootUserId === user.id) || (await this.getUserRoles(user.id)).some(r => r.isModerator || r.isAdministrator);
}
@bindThis
public async isAdministrator(user: { id: MiUser['id'] } | null): Promise<boolean> {
public async isAdministrator(user: { id: MiUser['id'] } | null, token?: MiAccessToken | null): Promise<boolean> {
if (user == null) return false;
if (token?.rank != null && token.rank !== 'admin') return false;
return (this.meta.rootUserId === user.id) || (await this.getUserRoles(user.id)).some(r => r.isAdministrator);
}