nodemailer/wildduck
1
1
Fork 0
mirror of https://github.com/nodemailer/wildduck.git synced 2024-12-29 03:36:06 +08:00
Code Issues Projects Releases Packages Wiki Activity

Changed permissions for deleteing webauthn token

Browse source
This commit is contained in:
Andris Reinman 2022-05-18 09:17:04 +03:00
parent 6bd2677abc
commit 46961586c5
No known key found for this signature in database
GPG key ID: DC6C83F4D584D364
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/api/2fa/webauthn.js
View file

@ -101,9 +101,9 @@ module.exports = (db, server, userHandler) => {
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).deleteOwn('users'));
req.validate(roles.can(req.role).updateOwn('users'));
} else {
req.validate(roles.can(req.role).deleteAny('users'));
req.validate(roles.can(req.role).updateAny('users'));
}
let user = new ObjectId(result.value.user);