diff --git a/packages/backend-core/src/security/roles.ts b/packages/backend-core/src/security/roles.ts index 66c44503ba..e8a3c76c0a 100644 --- a/packages/backend-core/src/security/roles.ts +++ b/packages/backend-core/src/security/roles.ts @@ -165,7 +165,7 @@ export async function getRole( // finalise the ID role._id = getExternalRoleID(role._id) } catch (err) { - if (opts?.defaultPublic) { + if (!isBuiltin(roleId) && opts?.defaultPublic) { return cloneDeep(BUILTIN_ROLES.PUBLIC) } // only throw an error if there is no role at all diff --git a/packages/server/src/api/controllers/routing.ts b/packages/server/src/api/controllers/routing.ts index 05ab35aea2..1bfd289637 100644 --- a/packages/server/src/api/controllers/routing.ts +++ b/packages/server/src/api/controllers/routing.ts @@ -1,6 +1,6 @@ import { getRoutingInfo } from "../../utilities/routing" import { roles } from "@budibase/backend-core" -import { BBContext } from "@budibase/types" +import { UserCtx } from "@budibase/types" const URL_SEPARATOR = "/" @@ -56,11 +56,11 @@ async function getRoutingStructure() { return { routes: routing.json } } -export async function fetch(ctx: BBContext) { +export async function fetch(ctx: UserCtx) { ctx.body = await getRoutingStructure() } -export async function clientFetch(ctx: BBContext) { +export async function clientFetch(ctx: UserCtx) { const routing = await getRoutingStructure() let roleId = ctx.user?.role?._id const roleIds = (await roles.getUserRoleHierarchy(roleId, { diff --git a/packages/server/src/middleware/currentapp.ts b/packages/server/src/middleware/currentapp.ts index e63e18463d..6879a103bc 100644 --- a/packages/server/src/middleware/currentapp.ts +++ b/packages/server/src/middleware/currentapp.ts @@ -96,7 +96,7 @@ export default async (ctx: UserCtx, next: any) => { const userId = ctx.user ? generateUserMetadataID(ctx.user._id!) : undefined - let role = (ctx.user = { + ctx.user = { ...ctx.user!, // override userID with metadata one _id: userId, @@ -104,7 +104,7 @@ export default async (ctx: UserCtx, next: any) => { globalId, roleId, role: await roles.getRole(roleId, { defaultPublic: true }), - }) + } } return next()