forked from cory/tildefriends
js: Oh yeah, administrators can delete core apps still.
This commit is contained in:
parent
fa00a41fe0
commit
02accabb4a
@ -1106,8 +1106,9 @@ static void _httpd_endpoint_delete_work(tf_ssb_t* ssb, void* user_data)
|
||||
{
|
||||
size_t length = strlen(user_string);
|
||||
if (request->path && request->path[0] == '/' && request->path[1] == '~' &&
|
||||
/* TODO: admin users used to be able to delete core apps */
|
||||
strncmp(request->path + 2, user_string, length) == 0 && request->path[2 + length] == '/')
|
||||
(strncmp(request->path + 2, user_string, length) == 0 ||
|
||||
(strncmp(request->path + 2, "core", strlen("core") == 0 && tf_ssb_db_user_has_permission(ssb, user_string, "administration")))) &&
|
||||
request->path[2 + length] == '/')
|
||||
{
|
||||
char* app_name = tf_strdup(request->path + 2 + length + 1);
|
||||
if (app_name)
|
||||
|
Loading…
Reference in New Issue
Block a user