fix: Admin Logic for event-type API endpoint (#12482)
* Fix Admin logic * chore: fix prettier --------- Co-authored-by: Udit Takkar <udit222001@gmail.com>
This commit is contained in:
parent
48dde246e9
commit
16c5b070b6
|
@ -316,8 +316,13 @@ async function checkPermissions(req: NextApiRequest) {
|
|||
statusCode: 401,
|
||||
message: "ADMIN required for `userId`",
|
||||
});
|
||||
if (!isAdmin && body.teamId)
|
||||
throw new HttpError({
|
||||
statusCode: 401,
|
||||
message: "ADMIN required for `teamId`",
|
||||
});
|
||||
/* Admin users are required to pass in a userId or teamId */
|
||||
if (isAdmin && (!body.userId || !body.teamId))
|
||||
if (isAdmin && !body.userId && !body.teamId)
|
||||
throw new HttpError({ statusCode: 400, message: "`userId` or `teamId` required" });
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user