mirror/formbricks-formbricks
1
0
Fork 0
mirror of https://github.com/formbricks/formbricks.git synced 2026-04-25 15:09:03 -05:00
Code Issues Packages Projects Releases 100 Wiki Activity

Fix Permissions for Team Actions

Browse Source 
Fix Permissions for Team Actions
This commit is contained in:
Johannes
2023-07-12 12:08:52 -05:00
committed by GitHub
parent 8821fa2167 a1a4972db3
commit 194809758b
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/web/pages/api/v1/teams/[teamId]/index.ts
+1 -1
View File
@@ -37,7 +37,7 @@ export default async function handle(req: NextApiRequest, res: NextApiResponse)
},
},
});
if (membership?.role !== "owner") {
if (membership?.role !== "owner" && membership?.role !== "admin") {
return res.status(403).json({ message: "You are not allowed to update this team" });
}
apps/web/pages/api/v1/teams/[teamId]/invite/[inviteId]/index.ts
+1 -1
View File
@@ -70,7 +70,7 @@ export default async function handle(req: NextApiRequest, res: NextApiResponse)
},
},
});
if (membership?.role !== "owner" || membership?.role !== "owner") {
if (membership?.role !== "owner" && membership?.role !== "admin") {
return res.status(403).json({ message: "You are not allowed to delete members from this team" });
}
apps/web/pages/api/v1/teams/[teamId]/members/[userId]/index.ts
+1 -1
View File
@@ -64,7 +64,7 @@ export default async function handle(req: NextApiRequest, res: NextApiResponse)
},
},
});
if (membership?.role !== "owner") {
if (membership?.role !== "owner" && membership?.role !== "admin") {
return res.status(403).json({ message: "You are not allowed to delete member froms this team" });
} else if (membership?.role === "owner" && userId === currentUser.id) {
return res.status(403).json({ message: "You cannot delete yourself from this team" });