Page MenuHomePhorge
Files F33403428

D8200.1768984782.diff
No OneTemporary
Actions

Size
1 KB
Referenced Files
None
Subscribers
None

D8200.1768984782.diff
View Options

diff --git a/keyserver/src/updaters/thread-updaters.js b/keyserver/src/updaters/thread-updaters.js
--- a/keyserver/src/updaters/thread-updaters.js
+++ b/keyserver/src/updaters/thread-updaters.js
@@ -76,13 +76,14 @@
throw new ServerError('not_logged_in');
}
- const [memberIDs, hasPermission] = await Promise.all([
+ const [memberIDs, hasPermission, fetchThreadResult] = await Promise.all([
verifyUserIDs(request.memberIDs),
checkThreadPermission(
viewer,
request.threadID,
threadPermissions.CHANGE_ROLE,
),
+ fetchThreadInfos(viewer, SQL`t.id = ${request.threadID}`),
]);
if (memberIDs.length === 0) {
throw new ServerError('invalid_parameters');
@@ -91,6 +92,32 @@
throw new ServerError('invalid_credentials');
}
+ const threadInfo = fetchThreadResult.threadInfos[request.threadID];
+
+ const adminRoleID = Object.keys(threadInfo.roles).find(
+ roleID => threadInfo.roles[roleID].name === 'Admins',
+ );
+
+ const communityAdminsCount = threadInfo.members.filter(
+ member => member.role === adminRoleID,
+ ).length;
+
+ let changedAdminsCount = 0;
+ for (const memberID of memberIDs) {
+ const memberRole = threadInfo.members.find(
+ member => member.id === memberID,
+ )?.role;
+
+ if (memberRole === adminRoleID) {
+ changedAdminsCount++;
+ }
+ }
+
+ // Ensure that there will always still be at least one admin in a community
+ if (changedAdminsCount >= communityAdminsCount) {
+ throw new ServerError('invalid_parameters');
+ }
+
const query = SQL`
SELECT user, role
FROM memberships

File Metadata

Mime Type
text/plain
Expires
Wed, Jan 21, 8:39 AM (10 h, 6 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5967591
Default Alt Text
D8200.1768984782.diff (1 KB)

Event Timeline