Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bug: Giving Roles to users as the owner of the server throws 403 in Console #381

Open
MetaverseRPN opened this issue Jun 8, 2024 · 2 comments

Comments

@MetaverseRPN
Copy link

What happened?

Attempting to give myself a role as the creator of the server is causing the web client to throw a 403 from Members.tsx.
image

According to the backend's logs, the patch request is succeeding, so I'm not sure what's causing this:

2024-06-08T07:41:08.030181651Z  INFO  _                                                                > Matched: OPTIONS /<catch_all_options_route..> [9223372036854775807]
2024-06-08T07:41:08.030187782Z  INFO  _                                                                > "Catch all" handling of CORS `OPTIONS` preflight for request OPTIONS /servers/01HZ8XZG9DKC91MDXMQW56PYRA/members/01HZ8WMYVJX6KHT4C4QX4HQDTW
2024-06-08T07:41:08.030192135Z  INFO  _                                                                > Outcome: Success
2024-06-08T07:41:08.030209664Z  INFO  _                                                                > Response succeeded.
2024-06-08T07:41:08.087929762Z  INFO  rocket::server                                                   > PATCH /servers/01HZ8XZG9DKC91MDXMQW56PYRA/members/01HZ8WMYVJX6KHT4C4QX4HQDTW application/json:
2024-06-08T07:41:08.087972347Z  INFO  _                                                                > Matched: (edit) PATCH /servers/<server>/members/<target>
2024-06-08T07:41:08.090507629Z  INFO  _                                                                > Outcome: Success
2024-06-08T07:41:08.090642683Z  INFO  _                                                                > Response succeeded.
2024-06-08T07:41:18.274163515Z  INFO  rocket::server                                                   > OPTIONS /servers/01HZ8XZG9DKC91MDXMQW56PYRA/members/01HZ8WMYVJX6KHT4C4QX4HQDTW:
2024-06-08T07:41:18.274192351Z  INFO  _                                                                > Matched: OPTIONS /<catch_all_options_route..> [9223372036854775807]
2024-06-08T07:41:18.274199389Z  INFO  _                                                                > "Catch all" handling of CORS `OPTIONS` preflight for request OPTIONS /servers/01HZ8XZG9DKC91MDXMQW56PYRA/members/01HZ8WMYVJX6KHT4C4QX4HQDTW
2024-06-08T07:41:18.274215925Z  INFO  _                                                                > Outcome: Success
2024-06-08T07:41:18.274222199Z  INFO  _                                                                > Response succeeded.
2024-06-08T07:41:18.332635502Z  INFO  rocket::server                                                   > PATCH /servers/01HZ8XZG9DKC91MDXMQW56PYRA/members/01HZ8WMYVJX6KHT4C4QX4HQDTW application/json:
2024-06-08T07:41:18.332665626Z  INFO  _                                                                > Matched: (edit) PATCH /servers/<server>/members/<target>
2024-06-08T07:41:18.335968810Z  INFO  _                                                                > Outcome: Success
2024-06-08T07:41:18.336021553Z  INFO  _                                                                > Response succeeded.

Any idea why this might be occurring?

@MetaverseRPN
Copy link
Author

MetaverseRPN commented Jun 8, 2024

I looked further into the Network console to see what the client is being told by the API server and the response appears to be:
{ "type": "NotElevated", "location": "crates/delta/src/routes/servers/member_edit.rs:110:32" }
This is my own server I created for testing purposes... So I'm not sure how it could think I'm "NotElevated"
Edit: From my looking into that line, it seems to be erroring out because my role is lower in the hierarchy than the role I am trying to give myself?

@MetaverseRPN
Copy link
Author

Went and created a brand new server, made no changes except for trying to create a role to give myself, and this issue appears to still persist. I also went and reverted everything to latest official docker images to confirm if it was something I did with the codebase and I still cannot seem to be able to give myself a role without the backend giving me a 403.

@insertish insertish transferred this issue from revoltchat/self-hosted Nov 13, 2024
@insertish insertish removed the bug label Nov 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: 🆕 Untriaged
Development

No branches or pull requests

2 participants