fix(authentication): team permissions allowance check

ConduitPlatform · Apr 10, 2023 · 6cac5ba · 6cac5ba
1 parent 35b706b
commit 6cac5ba
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/modules/authentication/src/handlers/team.ts b/modules/authentication/src/handlers/team.ts
@@ -98,7 +98,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['invite'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed || !config.teams.allowAddWithoutInvite) {
+    if (!allowed.allow || !config.teams.allowAddWithoutInvite) {
       throw new GrpcError(
         status.INVALID_ARGUMENT,
         'Could not add user to team, user does not have permission ' +
@@ -170,7 +170,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
         actions: ['edit'],
         resource: 'Team:' + parentTeam,
       });
-      if (!allowed) {
+      if (!allowed.allow) {
         throw new GrpcError(
           status.PERMISSION_DENIED,
           'User does not have permission to create a subteam',
@@ -269,7 +269,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['edit'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed) {
+    if (!allowed.allow) {
       throw new GrpcError(
         status.PERMISSION_DENIED,
         'User does not have permission to remove team members',
@@ -295,7 +295,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['read'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed) {
+    if (!allowed.allow) {
       throw new GrpcError(
         status.PERMISSION_DENIED,
         'User does not have permission to view team members',
@@ -328,7 +328,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['read'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed) {
+    if (!allowed.allow) {
       throw new GrpcError(
         status.PERMISSION_DENIED,
         'User does not have permission to view team',
@@ -379,7 +379,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['read'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed) {
+    if (!allowed.allow) {
       throw new GrpcError(
         status.PERMISSION_DENIED,
         'User does not have permission to view subteams',
@@ -481,7 +481,7 @@ export class TeamsHandler implements IAuthenticationStrategy {
       actions: ['edit'],
       resource: 'Team:' + teamId,
     });
-    if (!allowed) {
+    if (!allowed.allow) {
       throw new GrpcError(
         status.PERMISSION_DENIED,
         'User does not have permission to modify team members',