watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-20 12:35:38 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add admin check.

Browse source
This commit is contained in:
Brian Cao 2022-12-27 13:13:59 -08:00
parent c90bd941b5
commit 39ea100f2a
20 changed files with 133 additions and 98 deletions
Download patch file Download diff file Expand all files Collapse all files

5
pages/api/users/[id]/password.ts
View file

@ -29,12 +29,9 @@ export default async (
const { currentPassword, newPassword } = req.body;
const { id } = req.query;
const {
user: { id: userId, isAdmin },
} = req.auth;
if (req.method === 'POST') {
if (!isAdmin && !(await canUpdateUser(userId, id))) {
if (!(await canUpdateUser(req.auth, id))) {
return unauthorized(res);
}