repair isAuthorized and other user access and findings

2026-02-06 09:56:05 +00:00 · 2023-07-03 18:43:49 +02:00 · 2023-07-03 18:43:49 +02:00 · e018234591
commit e018234591
parent c324acc5b9
4 changed files with 8 additions and 1 deletions
--- a/backend/src/auth/MODERATOR_RIGHTS.ts
+++ b/backend/src/auth/MODERATOR_RIGHTS.ts
@ -13,6 +13,7 @@ export const MODERATOR_RIGHTS = [
  RIGHTS.DELETE_CONTRIBUTION_LINK,
  RIGHTS.UPDATE_CONTRIBUTION_LINK,
  RIGHTS.ADMIN_CREATE_CONTRIBUTION_MESSAGE,
+  RIGHTS.ADMIN_LIST_ALL_CONTRIBUTION_MESSAGES,
  RIGHTS.DENY_CONTRIBUTION,
  RIGHTS.ADMIN_OPEN_CREATIONS,
 ]
--- a/backend/src/graphql/directive/isAuthorized.ts
+++ b/backend/src/graphql/directive/isAuthorized.ts
@ -33,6 +33,7 @@ export const isAuthorized: AuthChecker<Context> = async ({ context }, rights) =>
  try {
    const user = await User.findOneOrFail({
      where: { gradidoID: decoded.gradidoID },
+      withDeleted: true,
      relations: ['emailContact', 'userRoles'],
    })
    // console.log('isAuthorized user=', user)
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@ -134,6 +134,7 @@ export class UserResolver {
    logger.info(`login with ${email}, ***, ${publisherId} ...`)
    email = email.trim().toLowerCase()
    const dbUser = await findUserByEmail(email)
+    // console.log('login dbUser=', dbUser)
    if (dbUser.deletedAt) {
      throw new LogError('This user was permanently deleted. Contact support for questions', dbUser)
    }
--- a/backend/src/seeds/factory/user.ts
+++ b/backend/src/seeds/factory/user.ts
@ -56,7 +56,11 @@ export const userFactory = async (
  }

  // get last changes of user from database
-  // dbUser = await User.findOneOrFail({ id }, { withDeleted: true })
+  dbUser = await User.findOneOrFail({
+    where: { id },
+    withDeleted: true,
+    relations: ['emailContact', 'userRoles'],
+  })

  return dbUser
 }