YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: allow admin users to update other memos

Browse Source
This commit is contained in:
johnnyjoy
2024-09-02 20:59:22 +08:00
parent 8c6682bd77
commit 7a9f61967d
2 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/router/api/v1/memo_service.go
View File

@ -225,7 +225,8 @@ func (s *APIV1Service) UpdateMemo(ctx context.Context, request *v1pb.UpdateMemoR
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to get current user")
}
if memo.CreatorID != user.ID {
// Only the creator or admin can update the memo.
if memo.CreatorID != user.ID && !isSuperUser(user) {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
@ -336,7 +337,8 @@ func (s *APIV1Service) DeleteMemo(ctx context.Context, request *v1pb.DeleteMemoR
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to get current user")
}
if memo.CreatorID != user.ID {
// Only the creator or admin can update the memo.
if memo.CreatorID != user.ID && !isSuperUser(user) {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
@ -1167,3 +1169,7 @@ func substring(s string, length int) string {
return s[:byteIndex]
}
func isSuperUser(user *store.User) bool {
return user.Role == store.RoleAdmin || user.Role == store.RoleHost
}