UniqAI/hexabot
1
0
Fork 0
mirror of https://github.com/hexastack/hexabot synced 2024-11-24 13:05:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: improve code + add requested changes

Browse Source
This commit is contained in:
Emnaghz 2024-09-21 12:38:24 +01:00
parent 42cfc1fd30
commit 16f10c50f7
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api/src/user/controllers/role.controller.ts
View File

@ -19,8 +19,8 @@ import {
Patch,
Query,
UseInterceptors,
Session,
ForbiddenException,
Session,
} from '@nestjs/common';
import { CsrfCheck } from '@tekuconcept/nestjs-csrf';
import { Session as ExpressSession } from 'express-session';
@ -148,11 +148,16 @@ export class RoleController extends BaseController<Role, RoleStub> {
@Delete(':id')
@HttpCode(204)
async deleteOne(@Param('id') id: string, @Session() session: ExpressSession) {
const roles = (
await this.userService.findOneAndPopulate(session.passport?.user?.id, [
'roles',
])
).roles.map((role) => role.id);
const currentUser = await this.userService.findOneAndPopulate(
session.passport.user.id,
['roles'],
);
if (!currentUser) {
throw new NotFoundException('User not found');
}
const roles = currentUser.roles.map((role) => role.id);
if (roles.includes(id)) {
throw new ForbiddenException("Your account's role can't be deleted");
} else {