Fix CommonAPI delete function to use User.privileged? instead of User.superuser?

This commit is contained in:
Sean King 2022-12-18 22:05:07 -07:00
parent 60df2d8a97
commit c58eb873dd
No known key found for this signature in database
GPG key ID: 510C52BACD6E7257

View file

@ -148,7 +148,7 @@ def delete(activity_id, user) do
true <- User.privileged?(user, :messages_delete) || user.ap_id == object.data["actor"], true <- User.privileged?(user, :messages_delete) || user.ap_id == object.data["actor"],
{:ok, delete_data, _} <- Builder.delete(user, object.data["id"]), {:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
{:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do {:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
if User.superuser?(user) and user.ap_id != object.data["actor"] do if User.privileged?(user, :messages_delete) and user.ap_id != object.data["actor"] do
action = action =
if object.data["type"] == "ChatMessage" do if object.data["type"] == "ChatMessage" do
"chat_message_delete" "chat_message_delete"