Michelle/redlight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix: anyone_can_start not working as Admin
Build & Push Docker Image / build (push) Successful in 4m24s
Details

Browse Source
This commit is contained in:
Michelle
2026-04-23 09:32:55 +02:00
parent 995d6eabf7
commit de696d422a
2 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/routes/rooms.js
+6 -4
View File
@@ -485,9 +485,10 @@ router.post('/:uid/start', authenticateToken, async (req, res) => {
return res.status(404).json({ error: 'Room not found' });
}
// Check access: owner or shared
// Check access: owner, admin, shared, or anyone_can_start
const isOwner = room.user_id === req.user.id;
if (!isOwner) {
const isAdmin = req.user.role === 'admin';
if (!isOwner && !isAdmin && !room.anyone_can_start) {
const share = await db.get('SELECT id FROM room_shares WHERE room_id = ? AND user_id = ?', [room.id, req.user.id]);
if (!share) {
return res.status(403).json({ error: 'No permission' });
@@ -559,9 +560,10 @@ router.post('/:uid/end', authenticateToken, async (req, res) => {
return res.status(404).json({ error: 'Room not found' });
}
// Check access: owner or shared user
// Check access: owner, admin, or shared user
const isOwner = room.user_id === req.user.id;
if (!isOwner) {
const isAdmin = req.user.role === 'admin';
if (!isOwner && !isAdmin) {
const share = await db.get('SELECT id FROM room_shares WHERE room_id = ? AND user_id = ?', [room.id, req.user.id]);
if (!share) {
return res.status(403).json({ error: 'No permission' });