You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ponymail.apache.org by hu...@apache.org on 2021/09/27 18:50:09 UTC
[incubator-ponymail-foal] 04/05: admins should be able to see
hidden emails
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git
commit 7c72a1890ee3f8c2ff4a6dd3a7cc121f9f59d167
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Mon Sep 27 13:49:44 2021 -0500
admins should be able to see hidden emails
---
server/endpoints/email.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/server/endpoints/email.py b/server/endpoints/email.py
index 0e8e6dd..dcfad60 100644
--- a/server/endpoints/email.py
+++ b/server/endpoints/email.py
@@ -40,7 +40,10 @@ async def process(
email = await plugins.messages.get_email(session, messageid=indata.get("id"))
# If email was found, process the request if we are allowed to display it
- if email and isinstance(email, dict) and not email.get("deleted"):
+ cannot_view = email.get("deleted", False)
+ if session.credentials and session.credentials.admin:
+ cannot_view = False
+ if email and isinstance(email, dict) and not cannot_view:
if plugins.aaa.can_access_email(session, email):
# Are we fetching an attachment?
if not indata.get("attachment"):