From 0bed8f605e99d04e67b41a39a3a3e15a4226b129 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?=
Date: Mon, 3 May 2021 19:33:26 +0200
Subject: [PATCH] fix: regular users are not API users

---
 src/lib/middleware/rbac-middleware.ts | 1 -
 src/lib/routes/admin-api/api-token-controller.ts | 5 ++---
 src/lib/services/access-service.ts | 3 +++
 src/lib/types/user.ts | 2 ++
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/lib/middleware/rbac-middleware.ts b/src/lib/middleware/rbac-middleware.ts
index c04a24e255..70dc9c02d0 100644
--- a/src/lib/middleware/rbac-middleware.ts
+++ b/src/lib/middleware/rbac-middleware.ts
@@ -5,7 +5,6 @@ import {
 DELETE_FEATURE,
 ADMIN,
 } from '../types/permissions';
-import ApiUser from '../types/api-user';
 import { IUnleashConfig } from '../types/option';
 import { IUnleashStores } from '../types/stores';
 import User from '../types/user';
diff --git a/src/lib/routes/admin-api/api-token-controller.ts b/src/lib/routes/admin-api/api-token-controller.ts
index dc168d25ac..f2550b3af1 100644
--- a/src/lib/routes/admin-api/api-token-controller.ts
+++ b/src/lib/routes/admin-api/api-token-controller.ts
@@ -14,7 +14,6 @@ import { AccessService } from '../../services/access-service';
 import { IAuthRequest } from '../unleash-types';
 import User from '../../types/user';
 import { IUnleashConfig } from '../../types/option';
-import ApiUser from '../../types/api-user';

 interface IServices {
 apiTokenService: ApiTokenService;
@@ -40,8 +39,8 @@ class ApiTokenController extends Controller {
 this.delete('/:token', this.deleteApiToken, DELETE_API_TOKEN);
 }

- private async isTokenAdmin(user: User | ApiUser) {
- if (user instanceof ApiUser) {
+ private async isTokenAdmin(user: User) {
+ if (user.isAPI) {
 return user.permissions.includes(ADMIN);
 }

diff --git a/src/lib/services/access-service.ts b/src/lib/services/access-service.ts
index be5db9ac09..b07e02cd11 100644
--- a/src/lib/services/access-service.ts
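Review bot: In `isTokenAdmin`, the new `if (user.isAPI)` guard picks the authorization path from a property value rather than from the object's class, so it is only correct if every API-token user object carries `isAPI` set to true; `ApiUser` is not part of this patch, so that cannot be confirmed from here. If the field were missing on an API user, the call would presumably fall through to the regular-user lookup that follows the hunk. The diffstat lists no test file, so I would add a test that exercises this controller with an API user both with and without ADMIN. The body of `isTokenAdmin` continues past the end of the hunk.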
+++ b/src/lib/services/access-service.ts
@@ -148,6 +148,9 @@ export class AccessService {
 }

 async getPermissionsForUser(user: User): Promise {
+ if (user.isAPI) {
+ return [];
+ }
 return this.store.getPermissionsForUser(user.id);
 }

diff --git a/src/lib/types/user.ts b/src/lib/types/user.ts
index ccf027a9a2..24fedc89fc 100644
--- a/src/lib/types/user.ts
+++ b/src/lib/types/user.ts
@@ -22,6 +22,8 @@ export interface IUser {
 }

 export default class User implements IUser {
+ isAPI: boolean = false;
+
 id: number;

 name: string;
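Review bot: The early `return [];` in `getPermissionsForUser` has no comment saying why API users get an empty list, so a later reader could take it for an oversight and remove it. I would add a line above the guard such as `// API users are not looked up in the access store; their permissions are not resolved here`, with the wording adjusted by the author since the store and the token handling are outside this hunk. Returning an empty list fails closed, which is the safe default for callers that treat the result as an allow-list.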
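Review bot: `isAPI: boolean = false;` is declared as a public, writable field, yet this commit makes it the switch for two authorization paths (`isTokenAdmin` and `getPermissionsForUser`). Declaring it `readonly isAPI: boolean = false;` would stop later code from flipping it after construction. Whether the `User` constructor copies properties from its input object is not visible in this hunk, so it is worth confirming that `isAPI` cannot be set from request or database data. The class body continues outside the hunk.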