fix: admin property can't be set if OAuth2 user email doesn't match actual user's email

backend/src/oauth/oauth.service.ts

@@ -63,7 +63,7 @@ export class OAuthService {
       },
     });
     if (oauthUser) {
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(oauthUser.userId, user.isAdmin);
       const updatedUser = await this.prisma.user.findFirst({
         where: {
           id: oauthUser.userId,
@@ -170,7 +170,7 @@ export class OAuthService {
           userId: existingUser.id,
         },
       });
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(existingUser.id, user.isAdmin);
       return this.auth.generateToken(existingUser, { idToken: user.idToken });
     }
 
@@ -196,15 +196,14 @@ export class OAuthService {
     return result;
   }
 
-  private async updateIsAdmin(user: OAuthSignInDto) {
+  private async updateIsAdmin(userId: string, isAdmin?: boolean) {
-    if ("isAdmin" in user)
+    await this.prisma.user.update({
-      await this.prisma.user.update({
+      where: {
-        where: {
+        id: userId,
-          email: user.email,
+      },
-        },
+      data: {
-        data: {
+        isAdmin: isAdmin === true,
-          isAdmin: user.isAdmin,
+      },
-        },
+    });
-      });
   }
 }