ellienieuwdorp
commented
4 years ago Right now we're thinking any authorization should be done based upon the presence of the "Mods" role.
Closed CodingRays closed 4 years ago
ellienieuwdorp
commented
4 years ago Right now we're thinking any authorization should be done based upon the presence of the "Mods" role.
CodingRays
commented
4 years ago That doesn't sound like a very elegant solution but i agree that it is for the time being the simplest.
ellienieuwdorp
commented
4 years ago Sorry for the confusion, but you were right in your initial assesment that admin permissions constitute being a moderator. I think ideally this PR would just add the authorization function and for it to be implemented later as we'll be refactoring the add/remove captains function soon.
And thanks for your help ;-)
CodingRays
commented
4 years ago I replaced the implementation of the function to always return true.
ellienieuwdorp
commented
4 years ago What I meant is your original implementation was actually good :) Turns out in our server, Admin permission constitutes a Moderator. If you add it back I'll merge it and and add an env variable conditional to it so it always returns true in a local env for testing purposes.
Added function to test if a message was written by a privileged user.
As of right now the test is simply to check if the user has administrative rights. I dont think we have a clear plan on what constitutes an authorized user yet so that should probably be tackled before the PR gets merged.