Dirty hack for being able to delete an expertise. Fixes #58

The actual correction would be to provide a real authorization object, but that lead to exceptions which could not be corrected so far. Thus, this commit provides a short-term-low-risk-workaround.
assistify · Aug 18, 2017 · bce14bc · bce14bc
1 parent 9ae2925
commit bce14bc
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/packages/rocketchat-channel-settings/client/views/channelSettings.js b/packages/rocketchat-channel-settings/client/views/channelSettings.js
@@ -50,6 +50,13 @@ Template.channelSettings.helpers({
 			}
 		});
 		const roomType = room && room.t;
+		/*
+		dirty hack since custom permissions create in packages/assistify-help-request/startup/customRoomTypes.js
+		lead to a streamer exception in some occasions.
+		*/
+		if (roomType === 'e') {
+			return roomType && RocketChat.authz.hasAtLeastOnePermission('delete-c');
+		}
 		return roomType && RocketChat.authz.hasAtLeastOnePermission(`delete-${ roomType }`, this.rid);
 	},
 	readOnly() {

diff --git a/server/methods/eraseRoom.js b/server/methods/eraseRoom.js
@@ -17,7 +17,12 @@ Meteor.methods({
 			});
 		}
 
-		if (RocketChat.authz.hasPermission(fromId, `delete-${ room.t }`, rid)) {
+		/*
+		dirty hack since custom permissions create in packages/assistify-help-request/startup/customRoomTypes.js
+		lead to a streamer exception in some occasions.
+		*/
+		if ((room.t === 'e' && RocketChat.authz.hasPermission(fromId, 'delete-c', rid)) ||
+			RocketChat.authz.hasPermission(fromId, `delete-${ room.t }`, rid)) {
 			RocketChat.models.Messages.removeByRoomId(rid);
 			RocketChat.models.Subscriptions.removeByRoomId(rid);
 			return RocketChat.models.Rooms.removeById(rid);