Allowing null for global user endpoint properties.

2021-05-19 13:30:55 +01:00 · 2021-05-19 13:30:55 +01:00 · 5e7ca07af7
parent c2cd365e76
commit 5e7ca07af7
2 changed files with 6 additions and 3 deletions
--- a/packages/worker/src/api/controllers/admin/users.js
+++ b/packages/worker/src/api/controllers/admin/users.js
@ -102,6 +102,9 @@ exports.self = async ctx => {
  if (ctx.request.body.password) {
    ctx.request.body.password = await hash(ctx.request.body.password)
  }
+  // don't allow sending up an ID/Rev, always use the existing one
+  delete ctx.request.body._id
+  delete ctx.request.body._rev
  const response = await db.put({
    ...user,
    ...ctx.request.body,
--- a/packages/worker/src/api/routes/admin/users.js
+++ b/packages/worker/src/api/routes/admin/users.js
@ -7,10 +7,10 @@ const router = Router()

 function buildUserSaveValidation(isSelf = false) {
  let schema = {
-    email: Joi.string(),
+    email: Joi.string().allow(null, ""),
    password: Joi.string().allow(null, ""),
-    firstName: Joi.string(),
-    lastName: Joi.string(),
+    firstName: Joi.string().allow(null, ""),
+    lastName: Joi.string().allow(null, ""),
    builder: Joi.object({
      global: Joi.boolean().optional(),
      apps: Joi.array().optional(),