Commit a2d0ec80 authored by Ibrahim Serdar Acikgoz's avatar Ibrahim Serdar Acikgoz
Browse files

api4/bot: fix permission check in convert handler (#15196)

parent 56bd30c6
......@@ -406,7 +406,7 @@ func convertBotToUser(c *Context, w http.ResponseWriter, r *http.Request) {
auditRec.AddMeta("userPatch", userPatch)
auditRec.AddMeta("set_system_admin", systemAdmin)
if c.Params.UserId != c.App.Session().UserId && !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment