|
|
|
|
@ -5,7 +5,12 @@ Meteor.methods |
|
|
|
|
|
|
|
|
|
hasPermission = RocketChat.authz.hasPermission(Meteor.userId(), 'delete-message', message.rid) |
|
|
|
|
deleteAllowed = RocketChat.settings.get 'Message_AllowDeleting' |
|
|
|
|
deleteOwn = message?.u?._id is Meteor.userId() |
|
|
|
|
|
|
|
|
|
originalMessage = ChatMessage.findOne message._id, {fields: {u: 1, rid: 1}} |
|
|
|
|
if not originalMessage? |
|
|
|
|
throw new Meteor.Error 'message-deleting-not-allowed', "[methods] deleteMessage -> Message with id [#{message._id} dos not exists]" |
|
|
|
|
|
|
|
|
|
deleteOwn = originalMessage?.u?._id is Meteor.userId() |
|
|
|
|
|
|
|
|
|
unless hasPermission or (deleteAllowed and deleteOwn) |
|
|
|
|
throw new Meteor.Error 'message-deleting-not-allowed', "[methods] deleteMessage -> Message deleting not allowed" |
|
|
|
|
@ -15,13 +20,14 @@ Meteor.methods |
|
|
|
|
keepHistory = RocketChat.settings.get 'Message_KeepHistory' |
|
|
|
|
showDeletedStatus = RocketChat.settings.get 'Message_ShowDeletedStatus' |
|
|
|
|
|
|
|
|
|
deleteQuery = |
|
|
|
|
_id: message._id |
|
|
|
|
#deleteQuery['u._id'] = Meteor.userId() if user?.admin isnt true |
|
|
|
|
deleteQuery = |
|
|
|
|
_id: originalMessage._id |
|
|
|
|
deleteQuery['u._id'] = Meteor.userId() unless hasPermission |
|
|
|
|
#deleteQuery['u._id'] = Meteor.userId() if user?.admin isnt true |
|
|
|
|
|
|
|
|
|
if keepHistory |
|
|
|
|
if showDeletedStatus |
|
|
|
|
history = ChatMessage.findOne message._id |
|
|
|
|
history = ChatMessage.findOne originalMessage._id |
|
|
|
|
history._hidden = true |
|
|
|
|
history.parent = history._id |
|
|
|
|
history.ets = new Date() |
|
|
|
|
@ -43,4 +49,4 @@ Meteor.methods |
|
|
|
|
t: 'rm' |
|
|
|
|
ets: new Date() |
|
|
|
|
else |
|
|
|
|
RocketChat.Notifications.notifyRoom message.rid, 'deleteMessage', { _id: message._id } |
|
|
|
|
RocketChat.Notifications.notifyRoom originalMessage.rid, 'deleteMessage', { _id: originalMessage._id } |
|
|
|
|
|
Rodrigo Nascimento
10 years ago