From 0870acfaa6bb8fabb165b8d395cf9ad87a09942f Mon Sep 17 00:00:00 2001
From: Jorge Russo
Date: Mon, 2 Oct 2023 11:26:53 +0700
Subject: [PATCH 1/2] Added filter by tenant when we get users
---
 services/iam/package.json | 2 +-
 services/iam/src/routes/users.js | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/services/iam/package.json b/services/iam/package.json
index 31b67bb98..74782ceae 100644
--- a/services/iam/package.json
+++ b/services/iam/package.json
@@ -15,7 +15,7 @@
 "task": "node",
 "generate-keystore": "node -e 'require(\"./src/oidc/util/generate-keystore\").generateFile()'",
 "generate-nodemon-env": "node -e 'require(\"./src/util/nodemon-env\").saveToFile()'",
- "test": "npm run build && npm run lint && jest --silent=false --runInBand --forceExit",
+ "test": "npm run build && jest --silent=false --runInBand --forceExit",
 "coverage": "jest --runInBand --coverage --forceExit",
 "postinstall": "node ./src/app/dev/generateKeys.js",
 "build:docker": "docker build -t openintegrationhub/iam:${VERSION} -f Dockerfile ../../"
diff --git a/services/iam/src/routes/users.js b/services/iam/src/routes/users.js
index 00d135228..19235d232 100644
--- a/services/iam/src/routes/users.js
+++ b/services/iam/src/routes/users.js
@@ -88,7 +88,7 @@ router.post('/', auth.hasTenantPermissions([PERMISSIONS['tenant.account.create']
 /**
 * Get all Users
 */
-router.get('/', auth.isAdmin, async (req, res, next) => {
+router.get('/', auth.isLoggedIn, async (req, res, next) => {
 try {
 const filter = {};
 if (req.query.userId) {
@@ -112,6 +112,10 @@ router.get('/', auth.isAdmin, async (req, res, next) => {
 $in: filterUsernames,
 };
 }
+ // we assure that a user can only fetch users from their tenant
+ if (!req.user.isAdmin) {
+ filter.tenant = req.user.tenant;
+ }
 const doc = await AccountDAO.find(filter);
 if (req.query.meta) {
From ae911b052fd8b64b62737a3dd259fae9f277b02e Mon Sep 17 00:00:00 2001
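Review bot: Swapping `auth.isAdmin` for `auth.isLoggedIn` on `router.get('/')` makes the tenant filter further down in this handler the only authorization boundary, and it lets every authenticated account list the other accounts of its tenant. The POST route named in the hunk header is gated with `auth.hasTenantPermissions([...])`; if listing accounts is meant to be a privileged tenant operation, this route could take the same kind of guard with a read permission (the permission name is not visible here). What `AccountDAO.find` returns and how it is serialized lies outside the hunk, so it is worth confirming that the response for non-admin callers carries no credential or permission fields a regular tenant member should not see. The diffstat shows no test change; a test asserting that a non-admin of one tenant never receives accounts of another would pin the new boundary.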
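Review bot: `filter.tenant = req.user.tenant;` is applied without checking that the caller actually has a tenant, so for a logged-in non-admin account whose `tenant` is unset the filter value is `undefined`. Depending on how `AccountDAO.find` and the database driver treat an undefined filter value (not visible here), the query may match every account without a tenant or drop the condition altogether, which would defeat the isolation this change is meant to add. Rejecting the request before the query keeps it fail-closed, for example `if (!req.user.tenant) return res.sendStatus(403);` as the first statement inside the `if (!req.user.isAdmin)` block. The comment could also state the rule directly: `// non-admin callers are restricted to accounts of their own tenant`. The handler starts and ends outside the hunk.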
From: Jorge Russo
Date: Mon, 2 Oct 2023 11:27:37 +0700
Subject: [PATCH 2/2] Set back again lint when we run tests
---
 services/iam/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/iam/package.json b/services/iam/package.json
index 74782ceae..31b67bb98 100644
--- a/services/iam/package.json
+++ b/services/iam/package.json
@@ -15,7 +15,7 @@
 "task": "node",
 "generate-keystore": "node -e 'require(\"./src/oidc/util/generate-keystore\").generateFile()'",
 "generate-nodemon-env": "node -e 'require(\"./src/util/nodemon-env\").saveToFile()'",
- "test": "npm run build && jest --silent=false --runInBand --forceExit",
+ "test": "npm run build && npm run lint && jest --silent=false --runInBand --forceExit",
 "coverage": "jest --runInBand --coverage --forceExit",
 "postinstall": "node ./src/app/dev/generateKeys.js",
 "build:docker": "docker build -t openintegrationhub/iam:${VERSION} -f Dockerfile ../../"