Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-20 00:08:02 +01:00
Code Issues Projects Releases Wiki Activity

fix: regular users are not API users

Browse Source
This commit is contained in:
Ivar Conradi Østhus 2021-05-03 19:33:26 +02:00
parent 85a544bbd6
commit 0bed8f605e
No known key found for this signature in database
GPG Key ID: 31AC596886B0BD09
4 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/lib/middleware/rbac-middleware.ts
View File

@ -5,7 +5,6 @@ import {
DELETE_FEATURE,
ADMIN,
} from '../types/permissions';
import ApiUser from '../types/api-user';
import { IUnleashConfig } from '../types/option';
import { IUnleashStores } from '../types/stores';
import User from '../types/user';

5
src/lib/routes/admin-api/api-token-controller.ts
View File

@ -14,7 +14,6 @@ import { AccessService } from '../../services/access-service';
import { IAuthRequest } from '../unleash-types';
import User from '../../types/user';
import { IUnleashConfig } from '../../types/option';
import ApiUser from '../../types/api-user';
interface IServices {
apiTokenService: ApiTokenService;
@ -40,8 +39,8 @@ class ApiTokenController extends Controller {
this.delete('/:token', this.deleteApiToken, DELETE_API_TOKEN);
}
private async isTokenAdmin(user: User | ApiUser) {
if (user instanceof ApiUser) {
private async isTokenAdmin(user: User) {
if (user.isAPI) {
return user.permissions.includes(ADMIN);
}

3
src/lib/services/access-service.ts
View File

@ -148,6 +148,9 @@ export class AccessService {
}
async getPermissionsForUser(user: User): Promise<IUserPermission[]> {
if (user.isAPI) {
return [];
}
return this.store.getPermissionsForUser(user.id);
}

2
src/lib/types/user.ts
View File

@ -22,6 +22,8 @@ export interface IUser {
}
export default class User implements IUser {
isAPI: boolean = false;
id: number;
name: string;