From ed6c2d9c46fb7db16b3f75da6d065e00e048edd5 Mon Sep 17 00:00:00 2001 From: Jonathan Rainville Date: Thu, 22 Feb 2024 14:44:38 -0500 Subject: [PATCH] fix(permissions): TMs can also bypass permission to join Fixes #13644 reverted better --- src/app/modules/main/chat_section/module.nim | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/app/modules/main/chat_section/module.nim b/src/app/modules/main/chat_section/module.nim index 50bee3ca7d..c3ddfb4567 100644 --- a/src/app/modules/main/chat_section/module.nim +++ b/src/app/modules/main/chat_section/module.nim @@ -829,6 +829,9 @@ proc updateTokenPermissionModel*(self: Module, permissions: Table[string, CheckP let adminPermissions = filter(tokenPermissionsItems, tokenPermissionsItem => tokenPermissionsItem.getType() == TokenPermissionType.BecomeAdmin.int) + let tokenMasterPermissions = filter(tokenPermissionsItems, tokenPermissionsItem => + tokenPermissionsItem.getType() == TokenPermissionType.BecomeTokenMaster.int) + # multiple permissions of the same type act as logical OR # so if at least one of them is fulfilled we can mark the view # as all lights green @@ -837,8 +840,14 @@ proc updateTokenPermissionModel*(self: Module, permissions: Table[string, CheckP let adminRequirementMet = adminPermissions.len() > 0 and any(adminPermissions, proc (item: TokenPermissionItem): bool = item.tokenCriteriaMet) - let requiresPermissionToJoin = (adminPermissions.len() > 0 and adminRequirementMet) or memberPermissions.len() > 0 - let tokenRequirementsMet = if requiresPermissionToJoin: adminRequirementMet or memberRequirementMet else: false + let tmRequirementMet = tokenMasterPermissions.len() > 0 and any(tokenMasterPermissions, proc (item: TokenPermissionItem): bool = item.tokenCriteriaMet) + + let requiresPermissionToJoin = not (tokenMasterPermissions.len() > 0 and tmRequirementMet) and + ((adminPermissions.len() > 0 and adminRequirementMet) or memberPermissions.len() > 0) + let tokenRequirementsMet = if requiresPermissionToJoin: + tmRequirementMet or adminRequirementMet or memberRequirementMet + else: + false self.view.setAllTokenRequirementsMet(tokenRequirementsMet) self.view.setRequiresTokenPermissionToJoin(requiresPermissionToJoin)