Skip to content

Commit

Permalink
feat(project): allow an editors to load other users
Browse files Browse the repository at this point in the history 
feat(editors): allow editors
  • Loading branch information
@lutangar
lutangar committed Jan 29, 2024
1 parent 924548b commit afc76a2
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
4 changes: 2 additions & 2 deletions apps/backend-e2e/src/e2e/user.cy.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,13 +190,13 @@ describe('User operations', () => {
expect(response.body).to.be.an('array');
});
});
it('Should fail when trying to get all users as an editor.', () => {
it('Should succeed when trying to get all users as an editor.', () => {
cy.login(Cypress.env('editor_credentials'));
cy.authenticatedRequest({
method: 'GET',
url: `/api/users/`,
}).then((response: Cypress.Response<GetUserDto[]>) => {
expect(response.status).to.eq(403);
expect(response.status).to.eq(200);
});
});
// UPDATE
Expand Down
3 changes: 2 additions & 1 deletion apps/backend/src/auth/can-get-users.guard.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ export class CanGetUsersGuard extends AuthGuard('local') {
if (userCredentials === null) {
return false;
}
return userCredentials.role === Roles.ADMIN;

return [Roles.ADMIN, Roles.EDITOR].includes(userCredentials.role);
}
}

0 comments on commit afc76a2

Please sign in to comment.