diff options
| author | syuilo <Syuilotan@yahoo.co.jp> | 2023-10-19 20:47:23 +0900 |
|---|---|---|
| committer | syuilo <Syuilotan@yahoo.co.jp> | 2023-10-19 20:47:23 +0900 |
| commit | 4a7c6e261a847a5cc622d72dc291755956bb71e8 (patch) | |
| tree | 9151d0ec4777a935e2c2f2f003e1e2456087b841 /packages/backend/src/server/api | |
| parent | disable cypress widgets tests (diff) | |
| download | sharkey-4a7c6e261a847a5cc622d72dc291755956bb71e8.tar.gz sharkey-4a7c6e261a847a5cc622d72dc291755956bb71e8.tar.bz2 sharkey-4a7c6e261a847a5cc622d72dc291755956bb71e8.zip | |
fix(backend): 管理者権限のロールを持っていても一部のAPIが使用できないことがある問題を修正
Diffstat (limited to 'packages/backend/src/server/api')
| -rw-r--r-- | packages/backend/src/server/api/ApiCallService.ts | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts index 085a0fd58a..66f171a5d8 100644 --- a/packages/backend/src/server/api/ApiCallService.ts +++ b/packages/backend/src/server/api/ApiCallService.ts @@ -318,8 +318,9 @@ export class ApiCallService implements OnApplicationShutdown { } if (ep.meta.requireRolePolicy != null && !user!.isRoot) { + const myRoles = await this.roleService.getUserRoles(user!.id); const policies = await this.roleService.getUserPolicies(user!.id); - if (!policies[ep.meta.requireRolePolicy]) { + if (!policies[ep.meta.requireRolePolicy] && !myRoles.some(r => r.isAdministrator)) { throw new ApiError({ message: 'You are not assigned to a required role.', code: 'ROLE_PERMISSION_DENIED', |