lino.jorzick
/
greenlight
forked from External/greenlight
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed role permissin check for update_recording and delete_recording (#1308) 

Co-authored-by: Jesus Federico <jesus@123it.ca>
This commit is contained in:
Ahmad Farhat 2020-04-16 12:52:04 -04:00 committed by GitHub
parent 311806faa7
commit 37decd9b43
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/recordings_controller.rb
View File

@ -57,9 +57,7 @@ class RecordingsController < ApplicationController
# Ensure the user is logged into the room they are accessing. # Ensure the user is logged into the room they are accessing.
def verify_room_ownership def verify_room_ownership
if !current_user || (!@room.owned_by?(current_user) && if !@room.owned_by?(current_user) && !current_user&.highest_priority_role&.get_permission("can_manage_rooms_recordings")
!current_user.highest_priority_role.get_permission("can_edit_site_settings") &&
!current_user.has_role?(:super_admin))
redirect_to root_path redirect_to root_path
end end
end end