tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add finer permission requirements for managing webhooks (#25463)

Browse Source
This commit is contained in:
Claire
2023-06-22 14:52:25 +02:00
parent 8acbfc6ab1
commit e65e3a6d14
5 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/policies/webhook_policy.rb
View File

@ -14,7 +14,7 @@ class WebhookPolicy < ApplicationPolicy
end
def update?
role.can?(:manage_webhooks)
role.can?(:manage_webhooks) && record.required_permissions.all? { |permission| role.can?(permission) }
end
def enable?
@ -30,6 +30,6 @@ class WebhookPolicy < ApplicationPolicy
end
def destroy?
role.can?(:manage_webhooks)
role.can?(:manage_webhooks) && record.required_permissions.all? { |permission| role.can?(permission) }
end
end