github/Ombi
1
0
Fork 0
mirror of https://github.com/Ombi-app/Ombi.git synced 2025-08-23 06:25:24 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Refactor CheckCanManageRequest

Browse source
This commit is contained in:
Florian Dupret 2021-11-11 10:46:44 +01:00
commit 40e51c84dc
1 changed files with 17 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

31
src/Ombi.Core/Engine/BaseMediaEngine.cs
View file

@ -79,26 +79,29 @@ namespace Ombi.Core.Engine
}
protected async Task<RequestEngineResult> CheckCanManageRequest(BaseRequest request) {
var errorResult = new RequestEngineResult {
Result = false,
ErrorCode = ErrorCode.NoPermissions
};
var successResult = new RequestEngineResult { Result = true };
// Admins can always manage requests
var isAdmin = await IsInRole(OmbiRoles.PowerUser) || await IsInRole(OmbiRoles.Admin);
if (isAdmin) {
return new RequestEngineResult { Result = true };
}
// Users with 'ManageOwnRequests' can only manage their own requests
var canManageOwnRequests = await IsInRole(OmbiRoles.ManageOwnRequests);
if (canManageOwnRequests) {
var isRequestedBySameUser = ( await GetUser() ).Id == request.RequestedUser?.Id;
if (isRequestedBySameUser) {
return new RequestEngineResult { Result = true };
}
return successResult;
}
return new RequestEngineResult
{
Result = false,
ErrorCode = ErrorCode.NoPermissions
};
// Users with 'ManageOwnRequests' can only manage their own requests
var canManageOwnRequests = await IsInRole(OmbiRoles.ManageOwnRequests);
if (!canManageOwnRequests) {
return errorResult;
}
var isRequestedBySameUser = ( await GetUser() ).Id == request.RequestedUser?.Id;
if (isRequestedBySameUser) {
return successResult;
}
return errorResult;
}
public RequestCountModel RequestCount()