From fdbc08912d2482bd3b9a9e1bbe00aeb2a916bc4e Mon Sep 17 00:00:00 2001
From: trisua <me@trisua.com>
Date: Sun, 17 Aug 2025 11:56:20 -0400
Subject: [PATCH] add: private_mails bypass for MANAGE_USERS

---
 crates/app/src/routes/api/v1/letters.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crates/app/src/routes/api/v1/letters.rs b/crates/app/src/routes/api/v1/letters.rs
index c2a525b..98ce467 100644
--- a/crates/app/src/routes/api/v1/letters.rs
+++ b/crates/app/src/routes/api/v1/letters.rs
@@ -3,7 +3,7 @@ use axum::{
     response::IntoResponse,
     Extension, Json,
 };
-use tetratto_core::model::{mail::Letter, oauth, ApiReturn, Error};
+use tetratto_core::model::{mail::Letter, oauth, ApiReturn, Error, permissions::FinePermission};
 use crate::{cookie::CookieJar, get_user_from_token, routes::pages::PaginatedQuery, State};
 use super::CreateLetter;
 
@@ -144,6 +144,7 @@ pub async fn create_request(
         }
 
         if other_user.settings.private_mails
+            && !user.permissions.check(FinePermission::MANAGE_USERS)
             && data
                 .get_userfollow_by_initiator_receiver(other_user.id, user.id)
                 .await