rick/rosterchirp-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.9.41 fixed permissions

Browse Source
This commit is contained in:
Ricky Stretch
2026-03-16 18:42:00 -04:00
parent de5912c206
commit 5322eabee3
5 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
backend/src/routes/usergroups.js
View File

@@ -68,7 +68,7 @@ router.get('/multigroup', authMiddleware, teamManagerMiddleware, (req, res) => {
res.json({ dms });
});
router.post('/multigroup', authMiddleware, adminMiddleware, (req, res) => {
router.post('/multigroup', authMiddleware, teamManagerMiddleware, (req, res) => {
const { name, userGroupIds = [] } = req.body;
if (!name?.trim()) return res.status(400).json({ error: 'Name required' });
if (userGroupIds.length < 2) return res.status(400).json({ error: 'At least two user groups required' });
@@ -106,7 +106,7 @@ router.post('/multigroup', authMiddleware, adminMiddleware, (req, res) => {
res.json({ dm });
});
router.patch('/multigroup/:id', authMiddleware, adminMiddleware, (req, res) => {
router.patch('/multigroup/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
const db = getDb();
const mg = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(req.params.id);
if (!mg) return res.status(404).json({ error: 'Not found' });
@@ -151,7 +151,7 @@ router.patch('/multigroup/:id', authMiddleware, adminMiddleware, (req, res) => {
res.json({ dm: updated });
});
router.delete('/multigroup/:id', authMiddleware, adminMiddleware, (req, res) => {
router.delete('/multigroup/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
const db = getDb();
const mg = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(req.params.id);
if (!mg) return res.status(404).json({ error: 'Not found' });
@@ -188,7 +188,7 @@ router.get('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
res.json({ group, members });
});
router.post('/', authMiddleware, adminMiddleware, (req, res) => {
router.post('/', authMiddleware, teamManagerMiddleware, (req, res) => {
const { name, memberIds = [] } = req.body;
if (!name?.trim()) return res.status(400).json({ error: 'Name required' });
const db = getDb();
@@ -220,7 +220,7 @@ router.post('/', authMiddleware, adminMiddleware, (req, res) => {
res.json({ group });
});
router.patch('/:id', authMiddleware, adminMiddleware, (req, res) => {
router.patch('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
const db = getDb();
const ug = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
if (!ug) return res.status(404).json({ error: 'Not found' });
@@ -280,7 +280,7 @@ router.patch('/:id', authMiddleware, adminMiddleware, (req, res) => {
res.json({ group: updated });
});
router.delete('/:id', authMiddleware, adminMiddleware, (req, res) => {
router.delete('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
const db = getDb();
const ug = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
if (!ug) return res.status(404).json({ error: 'Not found' });