fix(backend): 管理者権限のロールを持っていても一部のAPIが使用できないことがある問題を修正

2023-10-19 20:47:23 +09:00 · 2023-10-19 20:47:23 +09:00 · 4a7c6e261a
commit 4a7c6e261a
parent e5598da7a2
2 changed files with 3 additions and 1 deletions
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@ -318,8 +318,9 @@ export class ApiCallService implements OnApplicationShutdown {
 		}

 		if (ep.meta.requireRolePolicy != null && !user!.isRoot) {
+			const myRoles = await this.roleService.getUserRoles(user!.id);
 			const policies = await this.roleService.getUserPolicies(user!.id);
-			if (!policies[ep.meta.requireRolePolicy]) {
+			if (!policies[ep.meta.requireRolePolicy] && !myRoles.some(r => r.isAdministrator)) {
 				throw new ApiError({
 					message: 'You are not assigned to a required role.',
 					code: 'ROLE_PERMISSION_DENIED',