From f2c6e01296e4214336e63bc2d69bcbf17f59890f Mon Sep 17 00:00:00 2001 From: KernelDeimos Date: Thu, 13 Jun 2024 17:51:20 -0400 Subject: [PATCH] fix: remove legacy permission check in stat --- packages/backend/src/filesystem/hl_operations/hl_stat.js | 7 ------- 1 file changed, 7 deletions(-) diff --git a/packages/backend/src/filesystem/hl_operations/hl_stat.js b/packages/backend/src/filesystem/hl_operations/hl_stat.js index 43d9239a5b..00d064f32c 100644 --- a/packages/backend/src/filesystem/hl_operations/hl_stat.js +++ b/packages/backend/src/filesystem/hl_operations/hl_stat.js @@ -49,13 +49,6 @@ class HLStat extends HLFilesystemOperation { throw await svc_acl.get_safe_acl_error(actor, subject, 'read'); } - // check permission - // TODO: this check is redundant now that ACL is used; - // we will need to remove it to implement user-user permissions - if(user && !await chkperm(subject.entry, user.id, 'stat')){ - throw { code:`forbidden`, message: `permission denied.`}; - } - // TODO: why is this specific to stat? const mime = this.require('mime-types'); const contentType = mime.contentType(subject.entry.name)