Don't allow non-management to access et member management

2024-03-05 21:37:57 -05:00 · 2024-03-05 21:37:57 -05:00 · 2cd5c7a5b7
commit 2cd5c7a5b7
parent 730e55ebac
2 changed files with 6 additions and 8 deletions
--- a/app/routes/et-members.tsx
+++ b/app/routes/et-members.tsx
@ -37,11 +37,7 @@ export async function loader({ context }: { context: RequestContext }) {
      status: 401,
    });

-  if (
-    ![1 << 3, 1 << 4, 1 << 12].find(
-      (p) => context.data.current_user.permissions & p,
-    )
-  )
+  if (![1 << 4, 1 << 12].find((p) => context.data.current_user.permissions & p))
    throw new Response(null, {
      status: 403,
    });
--- a/app/routes/events-team.tsx
+++ b/app/routes/events-team.tsx
@ -454,9 +454,11 @@ export default function () {
        <Link color="#646cff" href="/book-event" mt="16px">
          Book an Event
        </Link>
+        {can_approve ? (
          <Link color="#646cff" href="/et-members" mb="32px" mt="8px">
            Events Team Member Management
          </Link>
+        ) : null}
      </VStack>
    </Container>
  );