Compare commits

...

2 Commits

Author SHA1 Message Date
DebaucheryLibrarian a9e610a82c 0.36.1 2024-10-06 02:57:34 +02:00
DebaucheryLibrarian 145ee198ff Allowing editors revision access. 2024-10-06 02:57:31 +02:00
4 changed files with 6 additions and 8 deletions

View File

@ -190,7 +190,7 @@
</li> </li>
<li <li
v-if="user?.role === 'admin'" v-if="user?.role === 'admin' || user?.role === 'editor'"
v-close-popper v-close-popper
class="menu-item" class="menu-item"
> >

4
package-lock.json generated
View File

@ -1,11 +1,11 @@
{ {
"name": "traxxx-web", "name": "traxxx-web",
"version": "0.36.0", "version": "0.36.1",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"version": "0.36.0", "version": "0.36.1",
"dependencies": { "dependencies": {
"@brillout/json-serializer": "^0.5.8", "@brillout/json-serializer": "^0.5.8",
"@dicebear/collection": "^7.0.5", "@dicebear/collection": "^7.0.5",

View File

@ -80,5 +80,5 @@
"postcss-custom-media": "^10.0.2", "postcss-custom-media": "^10.0.2",
"postcss-nesting": "^12.0.2" "postcss-nesting": "^12.0.2"
}, },
"version": "0.36.0" "version": "0.36.1"
} }

View File

@ -640,12 +640,12 @@ export async function fetchSceneRevisions(revisionId, filters = {}, reqUser) {
.leftJoin('users', 'users.id', 'scenes_revisions.user_id') .leftJoin('users', 'users.id', 'scenes_revisions.user_id')
.leftJoin('users as reviewers', 'reviewers.id', 'scenes_revisions.reviewed_by') .leftJoin('users as reviewers', 'reviewers.id', 'scenes_revisions.reviewed_by')
.modify((builder) => { .modify((builder) => {
if (reqUser?.role !== 'admin' && !filters.userId && !filters.sceneId) { if (!['admin', 'editor'].includes(reqUser?.role) && !filters.userId && !filters.sceneId) {
builder.where('user_id', reqUser.id); builder.where('user_id', reqUser.id);
} }
if (filters.userId) { if (filters.userId) {
if (reqUser?.role !== 'admin' && filters.userId !== reqUser.id) { if (!['admin', 'editor'].includes(reqUser?.role) && filters.userId !== reqUser.id) {
throw new HttpError('You are not permitted to view revisions from other users.', 403); throw new HttpError('You are not permitted to view revisions from other users.', 403);
} }
@ -661,8 +661,6 @@ export async function fetchSceneRevisions(revisionId, filters = {}, reqUser) {
builder.where('scenes_revisions.scene_id', filters.sceneId); builder.where('scenes_revisions.scene_id', filters.sceneId);
} }
console.log(filters);
if (filters.isFinalized === false) { if (filters.isFinalized === false) {
builder.whereNull('approved'); builder.whereNull('approved');
} }