devops/encoach_frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added permissions to filter out the user update

Browse Source
This commit is contained in:
Joao Ramos
2024-07-25 11:23:11 +01:00
parent 923319051c
commit 45df9837e7
4 changed files with 104 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pages/api/user.ts
View File

@@ -87,7 +87,7 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
}
const permission = PERMISSIONS.deleteUser[targetUser.type];
if (!permission.includes(user.type)) {
if (!permission.list.includes(user.type)) {
res.status(403).json({ ok: false });
return;
}