Fixing some locations to use the IsTeamAdmin function which properly checks for system admin permissions.

author: Christopher Speller <crspeller@gmail.com> 2015-09-30 11:30:11 -0400
committer: Christopher Speller <crspeller@gmail.com> 2015-09-30 14:26:37 -0400
commit: 7d31f3a271d933b8c276602d9fb77fd5d22055de (patch)
tree: b836506cc084e1907e39ca0d7283a4175a25ba50 /api/user.go
parent: 89b77cc72ffd9dec6242f66277a4aeffe6fb737b (diff)
download: chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.tar.gz
chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.tar.bz2
chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/api/user.go b/api/user.go
index 92a77e68a..a5c3fca2b 100644
--- a/api/user.go
+++ b/api/user.go
@@ -969,7 +969,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
+	if !c.IsTeamAdmin() {
 		c.Err = model.NewAppError("updateRoles", "You do not have the appropriate permissions", "userId="+user_id)
 		c.Err.StatusCode = http.StatusForbidden
 		return
@@ -1066,7 +1066,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
+	if !c.IsTeamAdmin() {
 		c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id)
 		c.Err.StatusCode = http.StatusForbidden
 		return
author	Christopher Speller <crspeller@gmail.com>	2015-09-30 11:30:11 -0400
committer	Christopher Speller <crspeller@gmail.com>	2015-09-30 14:26:37 -0400
commit	7d31f3a271d933b8c276602d9fb77fd5d22055de (patch)
tree	b836506cc084e1907e39ca0d7283a4175a25ba50 /api/user.go
parent	89b77cc72ffd9dec6242f66277a4aeffe6fb737b (diff)
download	chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.tar.gz chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.tar.bz2 chat-7d31f3a271d933b8c276602d9fb77fd5d22055de.zip