public/mailtrain
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix

Browse source
This commit is contained in:
joker-x 2020-08-30 10:34:50 +02:00
parent a42f629c7e
commit c601dc9709
2 changed files with 0 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/models/campaigns.js
View file

@ -360,7 +360,6 @@ async function lockByIdTx(tx, id) {
} }
async function rawGetByTx(tx, key, id) { async function rawGetByTx(tx, key, id) {
shares.enforceGlobalPermission(context, 'manageCampaigns');
const entity = await tx('campaigns').where('campaigns.' + key, id) const entity = await tx('campaigns').where('campaigns.' + key, id)
.leftJoin('campaign_lists', 'campaigns.id', 'campaign_lists.campaign') .leftJoin('campaign_lists', 'campaigns.id', 'campaign_lists.campaign')
.groupBy('campaigns.id') .groupBy('campaigns.id')
@ -394,7 +393,6 @@ async function rawGetByTx(tx, key, id) {
} }
async function getByIdTx(tx, context, id, withPermissions = true, content = Content.ALL) { async function getByIdTx(tx, context, id, withPermissions = true, content = Content.ALL) {
shares.enforceGlobalPermission(context, 'manageCampaigns');
await shares.enforceEntityPermissionTx(tx, context, 'campaign', id, 'view'); await shares.enforceEntityPermissionTx(tx, context, 'campaign', id, 'view');
let entity = await rawGetByTx(tx, 'id', id); let entity = await rawGetByTx(tx, 'id', id);

4
server/models/lists.js
View file

@ -86,7 +86,6 @@ async function listWithSegmentByCampaignDTAjax(context, campaignId, params) {
} }
async function getByIdTx(tx, context, id) { async function getByIdTx(tx, context, id) {
shares.enforceGlobalPermission(context, 'manageLists');
await shares.enforceEntityPermissionTx(tx, context, 'list', id, 'view'); await shares.enforceEntityPermissionTx(tx, context, 'list', id, 'view');
const entity = await tx('lists').where('id', id).first(); const entity = await tx('lists').where('id', id).first();
return entity; return entity;
@ -100,7 +99,6 @@ async function getById(context, id) {
} }
async function getByIdWithListFields(context, id) { async function getByIdWithListFields(context, id) {
shares.enforceGlobalPermission(context, 'manageLists');
return await knex.transaction(async tx => { return await knex.transaction(async tx => {
const entity = await getByIdTx(tx, context, id); const entity = await getByIdTx(tx, context, id);
entity.permissions = await shares.getPermissionsTx(tx, context, 'list', id); entity.permissions = await shares.getPermissionsTx(tx, context, 'list', id);
@ -110,7 +108,6 @@ async function getByIdWithListFields(context, id) {
} }
async function getByCidTx(tx, context, cid) { async function getByCidTx(tx, context, cid) {
shares.enforceGlobalPermission(context, 'manageLists');
const entity = await tx('lists').where('cid', cid).first(); const entity = await tx('lists').where('cid', cid).first();
if (!entity) { if (!entity) {
shares.throwPermissionDenied(); shares.throwPermissionDenied();
@ -127,7 +124,6 @@ async function getByCid(context, cid) {
} }
async function getByNamespaceIdTx(tx, context, namespaceId) { async function getByNamespaceIdTx(tx, context, namespaceId) {
shares.enforceGlobalPermission(context, 'manageLists');
// FIXME - this methods is rather suboptimal if there are many lists. It quite needs permission caching in shares.js // FIXME - this methods is rather suboptimal if there are many lists. It quite needs permission caching in shares.js
const rows = await tx('lists').where('namespace', namespaceId); const rows = await tx('lists').where('namespace', namespaceId);