From 1679a3f844497d756d0cf272c5374a5236eabd42 Mon Sep 17 00:00:00 2001 From: triphora Date: Sat, 7 Jan 2023 21:35:40 -0500 Subject: [PATCH] Fix file uploading for admins (#519) --- src/routes/version_creation.rs | 40 ++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/src/routes/version_creation.rs b/src/routes/version_creation.rs index 5314e179..50c314dc 100644 --- a/src/routes/version_creation.rs +++ b/src/routes/version_creation.rs @@ -520,27 +520,29 @@ async fn upload_file_to_version_inner( } }; - let team_member = models::TeamMember::get_from_user_id_version( - version_id, - user.id.into(), - &mut *transaction, - ) - .await? - .ok_or_else(|| { - CreateError::CustomAuthenticationError( - "You don't have permission to upload files to this version!" - .to_string(), + if !user.role.is_admin() { + let team_member = models::TeamMember::get_from_user_id_version( + version_id, + user.id.into(), + &mut *transaction, ) - })?; + .await? + .ok_or_else(|| { + CreateError::CustomAuthenticationError( + "You don't have permission to upload files to this version!" + .to_string(), + ) + })?; - if !team_member - .permissions - .contains(Permissions::UPLOAD_VERSION) - { - return Err(CreateError::CustomAuthenticationError( - "You don't have permission to upload files to this version!" - .to_string(), - )); + if !team_member + .permissions + .contains(Permissions::UPLOAD_VERSION) + { + return Err(CreateError::CustomAuthenticationError( + "You don't have permission to upload files to this version!" + .to_string(), + )); + } } let project_id = ProjectId(version.inner.project_id.0 as u64);