feat: new permission to allow users to see other users requests

closes #840
sct
2021-02-04 12:40:00 +00:00
parent 06e941171a
commit 033ba9d41b
8 changed files with 62 additions and 20 deletions


@@ -57,7 +57,8 @@ requestRoutes.get('/', async (req, res, next) => {
}
const [requests, requestCount] = req.user?.hasPermission(
Permission.MANAGE_REQUESTS
[Permission.MANAGE_REQUESTS, Permission.REQUEST_VIEW],
{ type: 'or' }
)
? await requestRepository.findAndCount({
order: sortFilter,
@@ -102,10 +103,10 @@ requestRoutes.post(
if (
req.body.userId &&
!(
req.user?.hasPermission(Permission.MANAGE_USERS) &&
req.user?.hasPermission(Permission.MANAGE_REQUESTS)
)
!req.user?.hasPermission([
Permission.MANAGE_USERS,
Permission.MANAGE_REQUESTS,
])
) {
return next({
status: 403,
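Review bot: The rewritten guard in the second hunk, `!req.user?.hasPermission([Permission.MANAGE_USERS, Permission.MANAGE_REQUESTS])`, relies on the array form of `hasPermission` defaulting to an all-of check, and that default is not visible in this file section. The lines it replaces required both permissions explicitly, and the first hunk passes `{ type: 'or' }` for the any-of case, so the default is presumably 'and'. If it is not, a user holding only one of the two permissions could submit a request with another user's `userId`. Passing the mode explicitly, `], { type: 'and' })`, keeps this authorization check independent of the helper's default, and a test asserting that a MANAGE_REQUESTS-only user receives the 403 would pin it. The route handler starts and ends outside the hunk.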