fix: Admin Logic for event-type API endpoint (#12482)

* Fix Admin logic * chore: fix prettier --------- Co-authored-by: Udit Takkar <udit222001@gmail.com>
2023-11-22 13:46:03 +04:00 · 2023-11-22 13:46:03 +04:00 · 16c5b070b6
parent 48dde246e9
commit 16c5b070b6
1 changed files with 6 additions and 1 deletions
--- a/apps/api/pages/api/event-types/_post.ts
+++ b/apps/api/pages/api/event-types/_post.ts
@ -316,8 +316,13 @@ async function checkPermissions(req: NextApiRequest) {
      statusCode: 401,
      message: "ADMIN required for `userId`",
    });
+  if (!isAdmin && body.teamId)
+    throw new HttpError({
+      statusCode: 401,
+      message: "ADMIN required for `teamId`",
+    });
  /* Admin users are required to pass in a userId or teamId */
-  if (isAdmin && (!body.userId || !body.teamId))
+  if (isAdmin && !body.userId && !body.teamId)
    throw new HttpError({ statusCode: 400, message: "`userId` or `teamId` required" });
 }