Skip to content

Commit

Permalink
fix: do not use auth when loading admin user (profile)
Browse files Browse the repository at this point in the history
  • Loading branch information
@adrians5j
adrians5j committed Jan 18, 2024
1 parent 03e8e42 commit 56afdd8
Showing 1 changed file with 17 additions and 13 deletions.
30 changes: 17 additions & 13 deletions packages/api-admin-users/src/graphql/user.gql.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,8 +70,10 @@ export default (params: CreateUserGraphQlPluginsParams) => {
resolvers: {
AdminUserIdentity: {
async profile(identity, _, context) {
const adminUser = await context.adminUsers.getUser({
where: { id: identity.id }
const adminUser = await context.security.withoutAuthorization(async () => {
return context.adminUsers.getUser({
where: { id: identity.id }
});
});

if (adminUser) {
Expand All @@ -82,17 +84,19 @@ export default (params: CreateUserGraphQlPluginsParams) => {
// a "parent" tenant user, so naturally, his user profile lives in his original tenant.
const tenant = context.tenancy.getCurrentTenant();

return await context.adminUsers.getUser({
where: {
id: identity.id,
/**
* TODO @ts-refactor @pavel
* What happens if tenant has no parent?
* Or is the getUser.where.tenant optional parameter? In that case, remove comments and make tenant param optional
*/
// @ts-ignore
tenant: tenant.parent
}
return context.security.withoutAuthorization(async () => {
return context.adminUsers.getUser({
where: {
id: identity.id,
/**
* TODO @ts-refactor @pavel
* What happens if tenant has no parent?
* Or is the getUser.where.tenant optional parameter? In that case, remove comments and make tenant param optional
*/
// @ts-ignore
tenant: tenant.parent
}
});
});
},
__isTypeOf(obj: SecurityIdentity) {
Expand Down

0 comments on commit 56afdd8

Please sign in to comment.