Implement auth for kicking.
This commit is contained in:
parent
ed25abe05f
commit
db02021aba
|
@ -163,9 +163,16 @@ class Auth(object):
|
||||||
if not caller_in_room: # trying to leave a room you aren't joined
|
if not caller_in_room: # trying to leave a room you aren't joined
|
||||||
raise AuthError(403, "You are not in room %s." % event.room_id)
|
raise AuthError(403, "You are not in room %s." % event.room_id)
|
||||||
elif target_user_id != event.user_id:
|
elif target_user_id != event.user_id:
|
||||||
# trying to force another user to leave
|
user_level = yield self.store.get_power_level(
|
||||||
raise AuthError(403, "Cannot force %s to leave." %
|
event.room_id,
|
||||||
target_user_id)
|
event.user_id,
|
||||||
|
)
|
||||||
|
_, kick_level = yield self.store.get_ops_levels(event.room_id)
|
||||||
|
|
||||||
|
if user_level < kick_level:
|
||||||
|
raise AuthError(
|
||||||
|
403, "You cannot kick user %s." % target_user_id
|
||||||
|
)
|
||||||
elif Membership.BAN == membership:
|
elif Membership.BAN == membership:
|
||||||
user_level = yield self.store.get_power_level(
|
user_level = yield self.store.get_power_level(
|
||||||
event.room_id,
|
event.room_id,
|
||||||
|
|
Loading…
Reference in New Issue