update updateRole endpoint

miloschwartz
2026-01-19 20:20:31 -08:00
parent 9527fe4f26
commit 915673798e
4 changed files with 19 additions and 11 deletions


@@ -589,8 +589,8 @@ authenticated.get(
);
authenticated.post(
"/org/:orgId/role/:roleId",
verifyOrgAccess,
"/role/:roleId",
verifyRoleAccess,
verifyUserHasAction(ActionsEnum.updateRole),
logActionAudit(ActionsEnum.updateRole),
role.updateRole
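Review bot: With `:orgId` gone from the path, every middleware that follows `verifyRoleAccess` on this route has to take its organisation from whatever `verifyRoleAccess` attaches to the request, and that code is not visible in this commit. `verifyUserHasAction(ActionsEnum.updateRole)` and `logActionAudit(ActionsEnum.updateRole)` previously ran with `req.params.orgId` available; if either reads it directly, the permission check or the audit record would now run without an org. It is worth confirming both resolve the org from the role context and recording that above the route, for example `// org is resolved from :roleId by verifyRoleAccess; this route has no :orgId param`. The same question applies to the API-key route, where `verifyApiKeyRoleAccess` now precedes `verifyApiKeyHasAction`. The `authenticated.post(` call closes outside the hunk.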


@@ -468,8 +468,8 @@ authenticated.put(
);
authenticated.post(
"/org/:orgId/role/:roleId",
verifyApiKeyOrgAccess,
"/role/:roleId",
verifyApiKeyRoleAccess,
verifyApiKeyHasAction(ActionsEnum.updateRole),
logActionAudit(ActionsEnum.updateRole),
role.updateRole


@@ -1,6 +1,6 @@
import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db, orgs, type Role } from "@server/db";
import { db, type Role } from "@server/db";
import { roles } from "@server/db";
import { eq } from "drizzle-orm";
import response from "@server/lib/response";
@@ -13,7 +13,6 @@ import { isLicensedOrSubscribed } from "@server/lib/isLicencedOrSubscribed";
import { OpenAPITags, registry } from "@server/openApi";
const updateRoleParamsSchema = z.strictObject({
orgId: z.string(),
roleId: z.string().transform(Number).pipe(z.int().positive())
});
@@ -33,7 +32,7 @@ export type UpdateRoleResponse = Role;
registry.registerPath({
method: "post",
path: "/org/{orgId}/role/{roleId}",
path: "/role/{roleId}",
description: "Update a role.",
tags: [OpenAPITags.Role],
request: {
@@ -75,14 +74,13 @@ export async function updateRole(
);
}
const { roleId, orgId } = parsedParams.data;
const { roleId } = parsedParams.data;
const updateData = parsedBody.data;
const role = await db
.select()
.from(roles)
.where(eq(roles.roleId, roleId))
.innerJoin(orgs, eq(roles.orgId, orgs.orgId))
.limit(1);
if (role.length === 0) {
@@ -94,7 +92,7 @@ export async function updateRole(
);
}
if (role[0].roles.isAdmin) {
if (role[0].isAdmin) {
return next(
createHttpError(
HttpCode.FORBIDDEN,
@@ -103,6 +101,16 @@ export async function updateRole(
);
}
const orgId = role[0].orgId;
if (!orgId) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Role does not have an organization ID"
)
);
}
const isLicensed = await isLicensedOrSubscribed(orgId);
if (build === "oss" || !isLicensed) {
updateData.requireDeviceApproval = undefined;
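Review bot: After this change `updateRole` takes its organisation only from `role[0].orgId`, so the handler itself contains no check that the caller may act on that role; the guarantee rests entirely on the route-level role-access middleware. That dependency should be written down at the new lookup, for example `// orgId is derived from the role row; caller access to this role must already be enforced by the route middleware`, so a future route that mounts this handler without it is caught in review. Separately, a role row with no `orgId` is a data-integrity problem rather than a malformed request, so `HttpCode.BAD_REQUEST` in the new guard may mislead clients and monitoring; a server-error status with a log line would fit better. The function starts and ends outside these hunks.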