This commit is contained in:
Mel O'Hagan 2022-11-29 16:38:44 +00:00
parent 7db3f4ca94
commit 08104c918b
1 changed files with 4 additions and 5 deletions

View File

@ -23,11 +23,10 @@ const MAX_USERS_UPLOAD_LIMIT = 1000
export const save = async (ctx: any) => { export const save = async (ctx: any) => {
try { try {
if ( const body = ctx.request.body
!ctx.request.body._id && const isCreate = !body._id
!ctx.internal && const isAdmin = !!ctx.user.admin?.global
(!ctx.user || !ctx.user.admin || !ctx.user.admin.global) if (isCreate && !isAdmin) {
) {
ctx.throw(403, "Only admin user can create new user.") ctx.throw(403, "Only admin user can create new user.")
} }
ctx.body = await sdk.users.save(ctx.request.body) ctx.body = await sdk.users.save(ctx.request.body)