watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-12 08:37:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add admin check. (#1716)

Browse source 
* Add admin check.

* Fix teamId check.
This commit is contained in:
Brian Cao 2022-12-27 15:18:58 -08:00 committed by GitHub
parent c90bd941b5
commit 561cde6e7e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 133 additions and 98 deletions
Download patch file Download diff file Expand all files Collapse all files

5
pages/api/users/[id]/password.ts
View file

@ -29,12 +29,9 @@ export default async (
const { currentPassword, newPassword } = req.body;
const { id } = req.query;
const {
user: { id: userId, isAdmin },
} = req.auth;
if (req.method === 'POST') {
if (!isAdmin && !(await canUpdateUser(userId, id))) {
if (!(await canUpdateUser(req.auth, id))) {
return unauthorized(res);
}