You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ponymail.apache.org by hu...@apache.org on 2021/09/27 18:50:09 UTC

[incubator-ponymail-foal] 04/05: admins should be able to see hidden emails

This is an automated email from the ASF dual-hosted git repository.

humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git

commit 7c72a1890ee3f8c2ff4a6dd3a7cc121f9f59d167
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Mon Sep 27 13:49:44 2021 -0500

    admins should be able to see hidden emails
---
 server/endpoints/email.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/server/endpoints/email.py b/server/endpoints/email.py
index 0e8e6dd..dcfad60 100644
--- a/server/endpoints/email.py
+++ b/server/endpoints/email.py
@@ -40,7 +40,10 @@ async def process(
         email = await plugins.messages.get_email(session, messageid=indata.get("id"))
 
     # If email was found, process the request if we are allowed to display it
-    if email and isinstance(email, dict) and not email.get("deleted"):
+    cannot_view = email.get("deleted", False)
+    if session.credentials and session.credentials.admin:
+        cannot_view = False
+    if email and isinstance(email, dict) and not cannot_view:
         if plugins.aaa.can_access_email(session, email):
             # Are we fetching an attachment?
             if not indata.get("attachment"):