public/mailtrain
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Possible fix for #879

Browse source
This commit is contained in:
Tomas Bures 2020-05-28 01:05:23 +02:00
parent ebfbe30aa0
commit dad2618739
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/models/users.js
View file

@ -47,7 +47,7 @@ async function _getByTx(tx, context, key, value, extraColumns = []) {
// Note that getRestrictedAccessToken relies to this check to see whether a user may impersonate another. If "manageUsers" here were to be changed to something like "viewUsers", then
// a corresponding check has to be added to getRestrictedAccessToken
await shares.enforceEntityPermission(context, 'namespace', user.namespace, 'manageUsers');
await shares.enforceEntityPermissionTx(tx, context, 'namespace', user.namespace, 'manageUsers');
return user;
}