From cc26c98403c3463bbd72b4165b40dc337f9284e6 Mon Sep 17 00:00:00 2001
From: Austin Hellyer <hello@austinhellyer.me>
Date: Fri, 25 Nov 2016 13:33:54 -0800
Subject: Fix permission check on Message::delete

---
 src/model/channel.rs | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'src/model')

diff --git a/src/model/channel.rs b/src/model/channel.rs
index ffc8658..8911487 100644
--- a/src/model/channel.rs
+++ b/src/model/channel.rs
@@ -426,9 +426,6 @@ impl Message {
     ///
     /// # Errors
     ///
-    /// Returns a [`ClientError::InvalidUser`] if the current user is not the
-    /// author.
-    ///
     /// Returns a [`ClientError::InvalidPermissions`] if the current user does
     /// not have the required permissions.
     ///
@@ -439,12 +436,9 @@ impl Message {
     pub fn delete(&self) -> Result<()> {
         let req = permissions::MANAGE_MESSAGES;
         let is_author = self.author.id != CACHE.read().unwrap().user.id;
+        let has_perms = try!(utils::user_has_perms(self.channel_id, req));
 
-        if is_author {
-            return Err(Error::Client(ClientError::InvalidUser));
-        }
-
-        if !try!(utils::user_has_perms(self.channel_id, req)) && !is_author {
+        if !is_author && !has_perms {
             return Err(Error::Client(ClientError::InvalidPermissions(req)));
         }
 
-- 
cgit v1.2.3