From 79ce54863d8c96e4e8138afa806343fdf4827811 Mon Sep 17 00:00:00 2001 From: Kraiem Taha Yassine Date: Thu, 5 Aug 2021 14:06:16 +0200 Subject: [PATCH] Api changes (#120) * feat(api): include smtp flag in login response * feat(api): changed smtp flag in login response * feat(api): owner role is not allowed to change --- api/chalicelib/core/users.py | 3 ++- ee/api/chalicelib/core/users.py | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/api/chalicelib/core/users.py b/api/chalicelib/core/users.py index 87e87813d..a571607e8 100644 --- a/api/chalicelib/core/users.py +++ b/api/chalicelib/core/users.py @@ -107,7 +107,6 @@ def generate_new_invitation(user_id): return __get_invitation_link(cur.fetchone().pop("invitation_token")) - def reset_member(tenant_id, editor_id, user_id_to_update): admin = get(tenant_id=tenant_id, user_id=editor_id) if not admin["admin"] and not admin["superAdmin"]: @@ -282,6 +281,8 @@ def edit(user_id_to_update, tenant_id, changes, editor_id): admin = get(tenant_id=tenant_id, user_id=editor_id) if not admin["superAdmin"] and not admin["admin"]: return {"errors": ["unauthorized"]} + if user["superAdmin"]: + changes.pop("admin") keys = list(changes.keys()) for k in keys: diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py index 7735ddca8..8bb64e26b 100644 --- a/ee/api/chalicelib/core/users.py +++ b/ee/api/chalicelib/core/users.py @@ -107,7 +107,6 @@ def generate_new_invitation(user_id): ) return __get_invitation_link(cur.fetchone().pop("invitation_token")) - def reset_member(tenant_id, editor_id, user_id_to_update): admin = get(tenant_id=tenant_id, user_id=editor_id) @@ -287,6 +286,8 @@ def edit(user_id_to_update, tenant_id, changes, editor_id): admin = get(tenant_id=tenant_id, user_id=editor_id) if not admin["superAdmin"] and not admin["admin"]: return {"errors": ["unauthorized"]} + if user["superAdmin"] and "admin" in changes: + changes.pop("admin") keys = list(changes.keys()) for k in keys: