fix: consider ADMIN in API tokens fetch permissions (#4032)

#4019 introduced a bug where API token filtering was not taking into account ADMIN permissions, which means the API tokens were not being displayed on the UI.
Unleash · Jun 21, 2023 · 197df96 · 197df96
1 parent 35d323a
commit 197df96
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/src/lib/routes/admin-api/api-token.ts b/src/lib/routes/admin-api/api-token.ts
@@ -353,13 +353,16 @@ export class ApiTokenController extends Controller {
         const userPermissions = await this.accessService.getPermissionsForUser(
             user,
         );
-        let allowedTokenTypes = [
+
+        const allowedTokenTypes = [
             READ_ADMIN_API_TOKEN,
             READ_CLIENT_API_TOKEN,
             READ_FRONTEND_API_TOKEN,
         ]
             .filter((readPerm) =>
-                userPermissions.some((p) => p.permission === readPerm),
+                userPermissions.some(
+                    (p) => p.permission === readPerm || p.permission === ADMIN,
+                ),
             )
             .map(permissionToTokenType)
             .filter((t) => t);