Super admin can manage office roles

This commit is contained in:
Maxime Lalo 2023-10-09 11:08:27 +02:00
parent 4860a95209
commit 294fc3fd9f

View File

@ -109,30 +109,32 @@ export default class UsersController extends ApiController {
//init IUser resource with request body values
const userEntity = User.hydrate<User>(req.body);
if(userEntity.role) {
if (userEntity.role) {
const role = await this.roleService.getByUid(userEntity.role.uid!);
if(!role) {
if (!role) {
this.httpBadRequest(response, "Role not found");
return;
}
if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
if (role.name === "super-admin" || userFound.role.name === "super-admin") {
this.httpBadRequest(response, "Cannot assign or remove super-admin role");
return;
}
}
if(userEntity.office_role) {
if (userEntity.office_role) {
const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
if(!officeRole) {
if (!officeRole) {
this.httpBadRequest(response, "Office role not found");
return;
}
if (officeRole.office_uid != userFound.office_uid) {
this.httpBadRequest(response, "Cannot assign an office role from another office");
return;
}
// Not needed if you're super admin you can assign every roles from every offices
// if (officeRole.office_uid != userFound.office_uid) {
// this.httpBadRequest(response, "Cannot assign an office role from another office");
// return;
// }
}
//call service to get prisma entity
const userEntityUpdated = await this.usersService.update(uid, userEntity);