nodemailer/wildduck
1
1
Fork 0
mirror of https://github.com/nodemailer/wildduck.git synced 2024-09-20 15:26:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added role for attachments

Browse source
This commit is contained in:
Andris Reinman 2019-09-19 15:38:56 +03:00
parent 98629ef443
commit 08200e4795
2 changed files with 29 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
config/roles.json
View file

@ -40,6 +40,13 @@
"delete:any": ["*"]
},
"attachments": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"storage": {
"create:any": ["*"],
"read:any": ["*"],
@ -177,6 +184,13 @@
"delete:any": ["*"]
},
"attachments": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"storage": {
"create:any": ["*"],
"read:any": ["*"],
@ -244,6 +258,13 @@
"delete:own": ["*"]
},
"attachments": {
"create:own": ["*"],
"read:own": ["*"],
"update:own": ["*"],
"delete:own": ["*"]
},
"storage": {
"create:own": ["*"],
"read:own": ["*"],
@ -279,6 +300,12 @@
}
},
"attachments": {
"attachments": {
"read:any": ["*"]
}
},
"tokenAuth": {
"authentication": {
"create:any": ["*"]

4
lib/api/messages.js
View file

@ -1750,9 +1750,9 @@ module.exports = (db, server, messageHandler, userHandler, storageHandler) => {
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).readOwn('messages'));
req.validate(roles.can(req.role).readOwn('attachments'));
} else {
req.validate(roles.can(req.role).readAny('messages'));
req.validate(roles.can(req.role).readAny('attachments'));
}
let user = new ObjectID(result.value.user);