From d87b8c0563a00f63b9e7993be2a80e08ff09e8ad Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 4 Feb 2022 17:34:39 +0000
Subject: [PATCH] Fix for #4267 - allow admins to access all roles.

---
 packages/backend-core/src/security/roles.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/packages/backend-core/src/security/roles.js b/packages/backend-core/src/security/roles.js
index 82bfbd5212..11abc70bdd 100644
--- a/packages/backend-core/src/security/roles.js
+++ b/packages/backend-core/src/security/roles.js
@@ -146,8 +146,9 @@ exports.getRole = async roleId => {
  * Simple function to get all the roles based on the top level user role ID.
  */
 async function getAllUserRoles(userRoleId) {
-  if (!userRoleId) {
-    return [BUILTIN_IDS.BASIC]
+  // admins have access to all roles
+  if (userRoleId === BUILTIN_IDS.ADMIN) {
+    return exports.getAllRoles()
   }
   let currentRole = await exports.getRole(userRoleId)
   let roles = currentRole ? [currentRole] : []