mirror of
https://github.com/minetest/contentdb.git
synced 2024-12-22 22:12:24 +01:00
Restrict seeing the email addresses of others to admins only
This commit is contained in:
parent
bbc89bb2c2
commit
a57e06d09b
@ -200,7 +200,7 @@ class User(db.Model, UserMixin):
|
||||
elif perm == Permission.CHANGE_RANK or perm == Permission.CHANGE_USERNAMES:
|
||||
return user.rank.atLeast(UserRank.MODERATOR)
|
||||
elif perm == Permission.CHANGE_EMAIL or perm == Permission.CHANGE_PROFILE_URLS:
|
||||
return user == self or (user.rank.atLeast(UserRank.MODERATOR) and user.rank.atLeast(self.rank))
|
||||
return user == self or user.rank.atLeast(UserRank.ADMIN)
|
||||
elif perm == Permission.CREATE_TOKEN:
|
||||
if user == self:
|
||||
return user.rank.atLeast(UserRank.MEMBER)
|
||||
|
Loading…
Reference in New Issue
Block a user