diff options
| author | Christopher Speller <crspeller@gmail.com> | 2015-09-30 14:52:51 -0400 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2015-09-30 14:52:51 -0400 |
| commit | e99e93fafbb6c974129ba09a35ddb85e2102f00d (patch) | |
| tree | 6836aebf1b99083a501c4c3305326237625ceb3a /api/post.go | |
| parent | 6a9cfe2f241f0eed8d6b2c943a8fd04cc1a14019 (diff) | |
| parent | 7d31f3a271d933b8c276602d9fb77fd5d22055de (diff) | |
| download | chat-e99e93fafbb6c974129ba09a35ddb85e2102f00d.tar.gz chat-e99e93fafbb6c974129ba09a35ddb85e2102f00d.tar.bz2 chat-e99e93fafbb6c974129ba09a35ddb85e2102f00d.zip | |
Merge pull request #884 from mattermost/permissions-fix
Permissions fixes. Fixes PLT-487
Diffstat (limited to 'api/post.go')
| -rw-r--r-- | api/post.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/api/post.go b/api/post.go index 0379f6af5..2b683fb7d 100644 --- a/api/post.go +++ b/api/post.go @@ -633,7 +633,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { post := result.Data.(*model.PostList).Posts[postId] - if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(post.UserId) { + if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin() { return } @@ -648,7 +648,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { return } - if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { + if post.UserId != c.Session.UserId && !c.IsTeamAdmin() { c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "") c.Err.StatusCode = http.StatusForbidden return |