fix control give for users.

This commit is contained in:
Miroslav Šedivý 2024-07-21 14:53:55 +02:00
parent c0e5804b3b
commit 667a54e9d9
3 changed files with 10 additions and 2 deletions

View File

@ -95,7 +95,7 @@ func (h *RoomHandler) Route(r types.Router) {
r.Post("/release", h.controlRelease)
r.With(auth.AdminsOnly).Post("/take", h.controlTake)
r.With(auth.AdminsOnly).Post("/give/{sessionId}", h.controlGive)
r.With(auth.HostsOrAdminsOnly).Post("/give/{sessionId}", h.controlGive)
r.With(auth.AdminsOnly).Post("/reset", h.controlReset)
})

View File

@ -100,7 +100,6 @@ func (s *session) wsToBackend(msg []byte, sendMsg func([]byte) error) error {
return err
}
// TODO: Not implemented for user - only for admins.
return s.apiReq(http.MethodPost, "/api/room/control/give/"+request.ID, nil, nil)
case oldEvent.CONTROL_CLIPBOARD:

View File

@ -40,6 +40,15 @@ func HostsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error)
return nil, nil
}
func HostsOrAdminsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
session, ok := GetSession(r)
if !ok || (!session.IsHost() && !session.Profile().IsAdmin) {
return nil, utils.HttpForbidden("session is not host or admin")
}
return nil, nil
}
func CanWatchOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
session, ok := GetSession(r)
if !ok || !session.Profile().CanWatch {