From ad4b43e56e8b0710ecaeca359e43b39aca114ecd Mon Sep 17 00:00:00 2001
From: OxSaitama
Date: Mon, 24 Jul 2023 13:59:47 +0200
Subject: [PATCH] feat(middlewares): add access to admin services for super-admin
---
 src/app/middlewares/RulesHandler.ts | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/app/middlewares/RulesHandler.ts b/src/app/middlewares/RulesHandler.ts
index 33bd1c07..001cb4cd 100644
--- a/src/app/middlewares/RulesHandler.ts
+++ b/src/app/middlewares/RulesHandler.ts
@@ -9,13 +9,13 @@ export default async function ruleHandler(req: Request, response: Response, next
 response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT");
 return;
 }
- // const namespace = req.path && req.path.split("/")[3];
- // const role = req.body.user.role;
+ const namespace = req.path && req.path.split("/")[3];
+ const role = req.body.user.role;

- // if (namespace != "notary" && role != namespace) {
- // response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
- // return;
- // }
+ if (namespace != "notary" && role != namespace && role != "super-admin") {
+ response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
+ return;
+ }

 if (!rules.includes(req.method + " " + service)) {
 response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
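Review bot: The re-enabled role check trusts `req.body.user.role`, and nothing in this hunk shows that `req.body.user` is filled only from the verified JWT rather than from the client's payload. Because `super-admin` now passes the namespace check for every namespace, that provenance deserves a comment above the `const role` line, for example `// req.body.user is set by the auth middleware from verified token claims, never from the client body`, with the claim confirmed against that middleware. The namespace comes from the fixed position `req.path.split("/")[3]`, so it silently depends on the router's mount depth; a one-line comment giving the expected path shape would make that visible. The comparisons would also be safer strict and guarded against a missing user: `const role = req.body.user?.role;` and `if (namespace !== "notary" && role !== namespace && role !== "super-admin") {`. `ruleHandler` starts and ends outside this hunk, so where `rules` and `service` come from could not be checked here.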