feat: add permission for deleteMessage

pull/90/head
moonrailgun 2 years ago
parent a78221e111
commit cbb436cfbe

@ -44,6 +44,7 @@ export const PERMISSION = {
managePanel: 'core.managePanel',
manageInvite: 'core.manageInvite',
manageRoles: 'core.manageRoles',
deleteMessage: 'core.deleteMessage',
},
};
@ -107,6 +108,13 @@ export const getPermissionList = (): PermissionItemType[] => [
default: false,
required: [PERMISSION.core.groupDetail],
},
{
key: PERMISSION.core.deleteMessage,
title: t('删除消息'),
desc: t('允许删除用户信息'),
default: false,
required: [PERMISSION.core.groupDetail],
},
];
/**

@ -4,12 +4,14 @@ import React, { useCallback } from 'react';
import {
ChatMessage,
deleteMessage,
PERMISSION,
recallMessage,
sharedEvent,
t,
useAsyncRequest,
useChatBoxContext,
useGroupInfoContext,
useHasGroupPermission,
useUserInfo,
} from 'tailchat-shared';
import { openReconfirmModalP } from '@/components/Modal';
@ -27,6 +29,10 @@ export function useChatMessageItemAction(
const context = useChatBoxContext();
const groupInfo = useGroupInfoContext();
const userInfo = useUserInfo();
const [hasDeleteMessagePermission] = useHasGroupPermission(
groupInfo?._id ?? '',
[PERMISSION.core.deleteMessage]
);
const handleCopy = useCallback(() => {
copy(getMessageTextDecorators().serialize(payload.content));
@ -68,7 +74,7 @@ export function useChatMessageItemAction(
icon: <Icon icon="mdi:restore" />,
onClick: handleRecallMessage,
},
isGroupOwner && {
hasDeleteMessagePermission && {
key: 'delete',
label: t('删除'),
danger: true,

@ -13,6 +13,7 @@ export const PERMISSION = {
managePanel: 'core.managePanel',
manageInvite: 'core.manageInvite',
manageRoles: 'core.manageRoles',
deleteMessage: 'core.deleteMessage',
},
};

@ -11,6 +11,8 @@ import {
TcContext,
DataNotFoundError,
NoPermissionError,
call,
PERMISSION,
} from 'tailchat-server-sdk';
import type { Group } from '../../../models/group/group';
import { isValidStr } from '../../../lib/utils';
@ -296,10 +298,13 @@ class MessageService extends TcService {
throw new Error(t('无法删除私人信息'));
}
const group: GroupBaseInfo = await ctx.call('group.getGroupBasicInfo', {
groupId: String(groupId),
});
if (String(group.owner) !== userId) {
const [hasPermission] = await call(ctx).checkUserPermissions(
String(groupId),
userId,
[PERMISSION.core.deleteMessage]
);
if (!hasPermission) {
throw new NoPermissionError(t('没有删除权限')); // 仅管理员允许删除
}

Loading…
Cancel
Save