fix: wrong key
This commit is contained in:
Methapon2001
parent
25a1f3c4a4
commit
2450ddb7ee
3 changed files with 7 additions and 7 deletions
|
|
@ -104,7 +104,7 @@ export class BranchController extends Controller {
|
|||
const list = await prisma.branchUser.groupBy({
|
||||
_count: true,
|
||||
where: {
|
||||
userId: !["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))
|
||||
userId: !["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))
|
||||
? req.user.sub
|
||||
: undefined,
|
||||
user: {
|
||||
|
|
@ -116,7 +116,7 @@ export class BranchController extends Controller {
|
|||
|
||||
const record = await prisma.branch.findMany({
|
||||
where: {
|
||||
user: !["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))
|
||||
user: !["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))
|
||||
? { some: { userId: req.user.sub } }
|
||||
: undefined,
|
||||
},
|
||||
|
|
@ -412,7 +412,7 @@ export class BranchController extends Controller {
|
|||
}
|
||||
|
||||
if (
|
||||
!["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v)) &&
|
||||
!["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v)) &&
|
||||
!branch?.user.find((v) => v.userId === req.user.sub)
|
||||
) {
|
||||
throw new HttpError(
|
||||
|
|
@ -491,7 +491,7 @@ export class BranchController extends Controller {
|
|||
where: { id: branchId },
|
||||
});
|
||||
|
||||
if (!["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))) {
|
||||
if (!["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))) {
|
||||
if (
|
||||
record?.createdByUserId !== req.user.sub &&
|
||||
!record?.user.find((v) => v.userId === req.user.sub)
|
||||
|
|
|
|||
|
|
@ -8,6 +8,6 @@ export type RequestWithUser = Request & {
|
|||
familiy_name: string;
|
||||
preferred_username: string;
|
||||
email: string;
|
||||
role: string[];
|
||||
roles: string[];
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -8,10 +8,10 @@ export function role(
|
|||
errorMessage: string = "You do not have permission to access this resource.",
|
||||
) {
|
||||
return (req: RequestWithUser, _res: Response, next: NextFunction) => {
|
||||
if (!Array.isArray(role) && !req.user.role.includes(role) && !req.user.role.includes("*")) {
|
||||
if (!Array.isArray(role) && !req.user.roles.includes(role) && !req.user.roles.includes("*")) {
|
||||
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
|
||||
}
|
||||
if (role !== "*" && !req.user.role.some((v) => role.includes(v))) {
|
||||
if (role !== "*" && !req.user.roles.some((v) => role.includes(v))) {
|
||||
throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
|
||||
}
|
||||
return next();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue