Fix community add mod check (fixes #4624) (#4667)

This commit is contained in:
Nutomic 2024-04-25 17:47:38 +02:00 committed by GitHub
parent 8e3ff0408e
commit cf426493e1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 14 additions and 2 deletions

2
Cargo.lock generated
View file

@ -2588,7 +2588,7 @@ dependencies = [
"actix-web", "actix-web",
"actix-web-httpauth", "actix-web-httpauth",
"anyhow", "anyhow",
"base64 0.21.7", "base64 0.22.0",
"bcrypt", "bcrypt",
"captcha", "captcha",
"chrono", "chrono",

View file

@ -36,8 +36,20 @@ pub async fn add_mod_to_community(
let community = Community::read(&mut context.pool(), community_id) let community = Community::read(&mut context.pool(), community_id)
.await? .await?
.ok_or(LemmyErrorType::CouldntFindCommunity)?; .ok_or(LemmyErrorType::CouldntFindCommunity)?;
// If user is admin and community is remote, explicitly check that he is a
// moderator. This is necessary because otherwise the action would be rejected
// by the community's home instance.
if local_user_view.local_user.admin && !community.local { if local_user_view.local_user.admin && !community.local {
Err(LemmyErrorType::NotAModerator)? let is_mod = CommunityModeratorView::is_community_moderator(
&mut context.pool(),
community.id,
local_user_view.person.id,
)
.await?;
if !is_mod {
Err(LemmyErrorType::NotAModerator)?
}
} }
// Update in local database // Update in local database