fix: admins are not allowed to kick or ban other admins
This commit is contained in:
parent
da2f155f2d
commit
a8678575a7
|
@ -795,8 +795,8 @@ func (o *Community) RemoveUserFromOrg(pk *ecdsa.PublicKey) (*protobuf.CommunityD
|
||||||
return nil, ErrNotAdmin
|
return nil, ErrNotAdmin
|
||||||
}
|
}
|
||||||
|
|
||||||
if o.IsMemberOwner(pk) {
|
if o.IsAdmin() && o.IsMemberOwnerOrAdmin(pk) {
|
||||||
return nil, ErrNotOwner
|
return nil, ErrCannotRemoveOwnerOrAdmin
|
||||||
}
|
}
|
||||||
|
|
||||||
o.removeMemberFromOrg(pk)
|
o.removeMemberFromOrg(pk)
|
||||||
|
@ -839,8 +839,8 @@ func (o *Community) BanUserFromCommunity(pk *ecdsa.PublicKey) (*protobuf.Communi
|
||||||
return nil, ErrNotAdmin
|
return nil, ErrNotAdmin
|
||||||
}
|
}
|
||||||
|
|
||||||
if o.IsMemberOwner(pk) {
|
if o.IsAdmin() && o.IsMemberOwnerOrAdmin(pk) {
|
||||||
return nil, ErrNotOwner
|
return nil, ErrCannotBanOwnerOrAdmin
|
||||||
}
|
}
|
||||||
|
|
||||||
o.banUserFromCommunity(pk)
|
o.banUserFromCommunity(pk)
|
||||||
|
|
|
@ -314,8 +314,8 @@ func (o *Community) PatchCommunityDescriptionByAdminEvent(adminEvent *protobuf.C
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if copy.IsMemberOwner(pk) {
|
if copy.IsMemberOwnerOrAdmin(pk) {
|
||||||
return nil, errors.New("attempt to kick an owner of the community from the admin side")
|
return nil, errors.New("attempt to kick an owner or admin of the community from the admin side")
|
||||||
}
|
}
|
||||||
|
|
||||||
copy.removeMemberFromOrg(pk)
|
copy.removeMemberFromOrg(pk)
|
||||||
|
@ -326,8 +326,8 @@ func (o *Community) PatchCommunityDescriptionByAdminEvent(adminEvent *protobuf.C
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if copy.IsMemberOwner(pk) {
|
if copy.IsMemberOwnerOrAdmin(pk) {
|
||||||
return nil, errors.New("attempt to ban an owner of the community from the admin side")
|
return nil, errors.New("attempt to ban an owner or admin of the community from the admin side")
|
||||||
}
|
}
|
||||||
copy.banUserFromCommunity(pk)
|
copy.banUserFromCommunity(pk)
|
||||||
|
|
||||||
|
|
|
@ -37,3 +37,5 @@ var ErrNoPermissionToJoin = errors.New("member has no permission to join")
|
||||||
var ErrMemberWalletAlreadyExists = errors.New("member wallet already exists")
|
var ErrMemberWalletAlreadyExists = errors.New("member wallet already exists")
|
||||||
var ErrMemberWalletNotFound = errors.New("member wallet not found")
|
var ErrMemberWalletNotFound = errors.New("member wallet not found")
|
||||||
var ErrNotEnoughPermissions = errors.New("not enough permissions for this community")
|
var ErrNotEnoughPermissions = errors.New("not enough permissions for this community")
|
||||||
|
var ErrCannotRemoveOwnerOrAdmin = errors.New("not allowed to remove admin or owner")
|
||||||
|
var ErrCannotBanOwnerOrAdmin = errors.New("not allowed to ban admin or owner")
|
||||||
|
|
|
@ -625,6 +625,18 @@ func (s *AdminMessengerCommunitiesSuite) TestAdminReorderChannelsAndCategories()
|
||||||
s.adminReorderChannel(&reorderChatRequest)
|
s.adminReorderChannel(&reorderChatRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *AdminMessengerCommunitiesSuite) TestAdminKickAdmin() {
|
||||||
|
community := s.setUpCommunityAndRoles()
|
||||||
|
|
||||||
|
// admin tries to kick the owner
|
||||||
|
_, err := s.admin.RemoveUserFromCommunity(
|
||||||
|
community.ID(),
|
||||||
|
common.PubkeyToHex(&s.admin.identity.PublicKey),
|
||||||
|
)
|
||||||
|
s.Require().Error(err)
|
||||||
|
s.Require().EqualError(err, "not allowed to remove admin or owner")
|
||||||
|
}
|
||||||
|
|
||||||
func (s *AdminMessengerCommunitiesSuite) TestAdminKickMember() {
|
func (s *AdminMessengerCommunitiesSuite) TestAdminKickMember() {
|
||||||
community := s.setUpCommunityAndRoles()
|
community := s.setUpCommunityAndRoles()
|
||||||
|
|
||||||
|
@ -638,6 +650,20 @@ func (s *AdminMessengerCommunitiesSuite) TestAdminKickMember() {
|
||||||
s.adminKickAlice(community.ID(), common.PubkeyToHex(&s.alice.identity.PublicKey))
|
s.adminKickAlice(community.ID(), common.PubkeyToHex(&s.alice.identity.PublicKey))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *AdminMessengerCommunitiesSuite) TestAdminBanAdmin() {
|
||||||
|
community := s.setUpCommunityAndRoles()
|
||||||
|
|
||||||
|
// verify that admin can't ban an admin
|
||||||
|
_, err := s.admin.BanUserFromCommunity(
|
||||||
|
&requests.BanUserFromCommunity{
|
||||||
|
CommunityID: community.ID(),
|
||||||
|
User: common.PubkeyToHexBytes(&s.admin.identity.PublicKey),
|
||||||
|
},
|
||||||
|
)
|
||||||
|
s.Require().Error(err)
|
||||||
|
s.Require().EqualError(err, "not allowed to ban admin or owner")
|
||||||
|
}
|
||||||
|
|
||||||
func (s *AdminMessengerCommunitiesSuite) TestAdminBanUnbanMember() {
|
func (s *AdminMessengerCommunitiesSuite) TestAdminBanUnbanMember() {
|
||||||
community := s.setUpCommunityAndRoles()
|
community := s.setUpCommunityAndRoles()
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue