From b175b07e35484589bed642e91c2a99fa95b963ef Mon Sep 17 00:00:00 2001 From: Sven Heidemann Date: Mon, 2 Oct 2023 16:32:30 +0200 Subject: [PATCH] Fixed permission check --- .../modules/view/server/profile/profile.component.ts | 2 +- kdb-web/src/app/services/sidebar/sidebar.service.ts | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/kdb-web/src/app/modules/view/server/profile/profile.component.ts b/kdb-web/src/app/modules/view/server/profile/profile.component.ts index 4df9cda5..1ffda45c 100644 --- a/kdb-web/src/app/modules/view/server/profile/profile.component.ts +++ b/kdb-web/src/app/modules/view/server/profile/profile.component.ts @@ -48,7 +48,7 @@ export class ProfileComponent implements OnInit, OnDestroy { let authUser = await this.auth.getLoggedInUser(); this.spinner.showSpinner(); let user: UserDTO | null = authUser?.users?.find(u => u.server == server.id) ?? null; - if (!user || user?.id != params["memberId"] && !user?.isModerator) { + if (!user || user?.id != params["memberId"] && !user?.isModerator && !user.isModerator) { this.toast.error(this.translate.instant("view.server.profile.permission_denied"), this.translate.instant("view.server.profile.permission_denied_d")); this.spinner.hideSpinner(); await this.router.navigate(["/server", server.id]); diff --git a/kdb-web/src/app/services/sidebar/sidebar.service.ts b/kdb-web/src/app/services/sidebar/sidebar.service.ts index e525d629..bb4e2329 100644 --- a/kdb-web/src/app/services/sidebar/sidebar.service.ts +++ b/kdb-web/src/app/services/sidebar/sidebar.service.ts @@ -200,11 +200,11 @@ export class SidebarService { if (this.server) { this.serverMenu.visible = true; - this.serverMembers.visible = isTechnician || user?.isModerator; - this.serverAutoRoles.visible = isTechnician || this.hasFeature("AutoRoleModule") && user?.isModerator; - this.serverLevels.visible = isTechnician || this.hasFeature("LevelModule") && user?.isModerator; - this.serverAchievements.visible = isTechnician || this.hasFeature("AchievementsModule") && user?.isModerator; - this.serverShortRoleNames.visible = isTechnician || this.hasFeature("ShortRoleName") && user?.isAdmin; + this.serverMembers.visible = this.hasFeature("TechnicianFullAccess") && isTechnician || user?.isModerator; + this.serverAutoRoles.visible = this.hasFeature("TechnicianFullAccess") && isTechnician || this.hasFeature("AutoRoleModule") && user?.isModerator; + this.serverLevels.visible = this.hasFeature("TechnicianFullAccess") && isTechnician || this.hasFeature("LevelModule") && user?.isModerator; + this.serverAchievements.visible = this.hasFeature("TechnicianFullAccess") && isTechnician || this.hasFeature("AchievementsModule") && user?.isModerator; + this.serverShortRoleNames.visible = this.hasFeature("TechnicianFullAccess") && isTechnician || this.hasFeature("ShortRoleName") && user?.isAdmin; this.serverConfig.visible = isTechnician || user?.isAdmin; } else {