fix: include isAuthorized prop

8 months ago · 9f34b6d602
2 changed files with 7 additions and 7 deletions
--- a/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
+++ b/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
@ -216,16 +216,15 @@ export class AclMiddleware implements NestInterceptor {
    const req = context.switchToHttp().getRequest();
    if (!req.user?.isAuthorized) {
      NcError.unauthorized('Invalid token');
    }
    const userScopeRole =
      req.user.roles?.[OrgUserRoles.SUPER_ADMIN] === true
        ? OrgUserRoles.SUPER_ADMIN
        : getUserRoleForScope(req.user, scope);
-    if (!userScopeRole) {
+    if (!userScopeRole)
      if (!req.user?.isAuthorized) {
        NcError.unauthorized('Invalid token');
      }
      NcError.forbidden("You don't have permission to access this resource");
    }
--- a/packages/nocodb/src/strategies/jwt.strategy.ts
+++ b/packages/nocodb/src/strategies/jwt.strategy.ts
@ -25,10 +25,11 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
    ) {
      throw new Error('Token Expired. Please login again.');
    }
-
+    const userWithRoles = await User.getWithRoles(user.id, {
    return User.getWithRoles(user.id, {
      user,
      baseId: req.ncBaseId,
    });
    return userWithRoles && { ...userWithRoles, isAuthorized: true };
  }
 }