fix: Admin Logic for event-type API endpoint (#12482)
* Fix Admin logic * chore: fix prettier --------- Co-authored-by: Udit Takkar <udit222001@gmail.com>
This commit is contained in:
parent
48dde246e9
commit
16c5b070b6
|
@ -316,8 +316,13 @@ async function checkPermissions(req: NextApiRequest) {
|
||||||
statusCode: 401,
|
statusCode: 401,
|
||||||
message: "ADMIN required for `userId`",
|
message: "ADMIN required for `userId`",
|
||||||
});
|
});
|
||||||
|
if (!isAdmin && body.teamId)
|
||||||
|
throw new HttpError({
|
||||||
|
statusCode: 401,
|
||||||
|
message: "ADMIN required for `teamId`",
|
||||||
|
});
|
||||||
/* Admin users are required to pass in a userId or teamId */
|
/* Admin users are required to pass in a userId or teamId */
|
||||||
if (isAdmin && (!body.userId || !body.teamId))
|
if (isAdmin && !body.userId && !body.teamId)
|
||||||
throw new HttpError({ statusCode: 400, message: "`userId` or `teamId` required" });
|
throw new HttpError({ statusCode: 400, message: "`userId` or `teamId` required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user