swissmakers_gmbh/swiss-datashare
12
0
Fork 0
mirror of https://github.com/swissmakers/swiss-datashare.git synced 2026-04-01 06:27:00 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: admin property can't be set if OAuth2 user email doesn't match actual user's email

Browse Source
This commit is contained in:
Elias Schneider
2025-02-28 13:32:31 +01:00
parent b6d1720fe6
commit 1159d972a8
1 changed files with 11 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
backend/src/oauth/oauth.service.ts
View File

@@ -63,7 +63,7 @@ export class OAuthService {
},
});
if (oauthUser) {
await this.updateIsAdmin(user);
await this.updateIsAdmin(oauthUser.userId, user.isAdmin);
const updatedUser = await this.prisma.user.findFirst({
where: {
id: oauthUser.userId,
@@ -170,7 +170,7 @@ export class OAuthService {
userId: existingUser.id,
},
});
await this.updateIsAdmin(user);
await this.updateIsAdmin(existingUser.id, user.isAdmin);
return this.auth.generateToken(existingUser, { idToken: user.idToken });
}
@@ -196,15 +196,14 @@ export class OAuthService {
return result;
}
private async updateIsAdmin(user: OAuthSignInDto) {
if ("isAdmin" in user)
await this.prisma.user.update({
where: {
email: user.email,
},
data: {
isAdmin: user.isAdmin,
},
});
private async updateIsAdmin(userId: string, isAdmin?: boolean) {
await this.prisma.user.update({
where: {
id: userId,
},
data: {
isAdmin: isAdmin === true,
},
});
}
}