mirror of
https://github.com/nodemailer/wildduck.git
synced 2024-09-20 15:26:03 +08:00
Added role for attachments
This commit is contained in:
parent
98629ef443
commit
08200e4795
|
@ -40,6 +40,13 @@
|
|||
"delete:any": ["*"]
|
||||
},
|
||||
|
||||
"attachments": {
|
||||
"create:any": ["*"],
|
||||
"read:any": ["*"],
|
||||
"update:any": ["*"],
|
||||
"delete:any": ["*"]
|
||||
},
|
||||
|
||||
"storage": {
|
||||
"create:any": ["*"],
|
||||
"read:any": ["*"],
|
||||
|
@ -177,6 +184,13 @@
|
|||
"delete:any": ["*"]
|
||||
},
|
||||
|
||||
"attachments": {
|
||||
"create:any": ["*"],
|
||||
"read:any": ["*"],
|
||||
"update:any": ["*"],
|
||||
"delete:any": ["*"]
|
||||
},
|
||||
|
||||
"storage": {
|
||||
"create:any": ["*"],
|
||||
"read:any": ["*"],
|
||||
|
@ -244,6 +258,13 @@
|
|||
"delete:own": ["*"]
|
||||
},
|
||||
|
||||
"attachments": {
|
||||
"create:own": ["*"],
|
||||
"read:own": ["*"],
|
||||
"update:own": ["*"],
|
||||
"delete:own": ["*"]
|
||||
},
|
||||
|
||||
"storage": {
|
||||
"create:own": ["*"],
|
||||
"read:own": ["*"],
|
||||
|
@ -279,6 +300,12 @@
|
|||
}
|
||||
},
|
||||
|
||||
"attachments": {
|
||||
"attachments": {
|
||||
"read:any": ["*"]
|
||||
}
|
||||
},
|
||||
|
||||
"tokenAuth": {
|
||||
"authentication": {
|
||||
"create:any": ["*"]
|
||||
|
|
|
@ -1750,9 +1750,9 @@ module.exports = (db, server, messageHandler, userHandler, storageHandler) => {
|
|||
|
||||
// permissions check
|
||||
if (req.user && req.user === result.value.user) {
|
||||
req.validate(roles.can(req.role).readOwn('messages'));
|
||||
req.validate(roles.can(req.role).readOwn('attachments'));
|
||||
} else {
|
||||
req.validate(roles.can(req.role).readAny('messages'));
|
||||
req.validate(roles.can(req.role).readAny('attachments'));
|
||||
}
|
||||
|
||||
let user = new ObjectID(result.value.user);
|
||||
|
|
Loading…
Reference in a new issue