matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity

Also make all the GraphQL mutations available for admins

Browse Source
This commit is contained in:
Quentin Gliech
2023-08-10 17:42:52 +02:00
parent ca86e5a39e
commit c7153b08e3
6 changed files with 70 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
crates/graphql/src/mutations/browser_session.rs
View File

@@ -12,7 +12,6 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use anyhow::Context as _;
use async_graphql::{Context, Enum, InputObject, Object, ID};
use mas_storage::RepositoryAccess;
@@ -80,18 +79,17 @@ impl BrowserSessionMutations {
NodeType::BrowserSession.extract_ulid(&input.browser_session_id)?;
let requester = ctx.requester();
let user = requester.user().context("Unauthorized")?;
let mut repo = state.repository().await?;
let clock = state.clock();
let session = repo.browser_session().lookup(browser_session_id).await?;
let Some(session) = session else {
return Ok(EndBrowserSessionPayload::NotFound);
};
if session.user.id != user.id {
return Err(async_graphql::Error::new("Unauthorized"));
if !requester.is_owner_or_admin(&session) {
return Ok(EndBrowserSessionPayload::NotFound);
}
let session = repo.browser_session().finish(&clock, session).await?;