User email as impersonation if username is null (#7250)
This commit is contained in:
parent
bfc81b770a
commit
c8019edb57
|
@ -1,4 +1,4 @@
|
|||
import { User } from "@prisma/client";
|
||||
import type { User } from "@prisma/client";
|
||||
import CredentialsProvider from "next-auth/providers/credentials";
|
||||
import { getSession } from "next-auth/react";
|
||||
import { z } from "zod";
|
||||
|
@ -58,20 +58,20 @@ const ImpersonationProvider = CredentialsProvider({
|
|||
// If teamId is present -> parse the teamId and throw error itn ot number. If not present teamId is set to undefined
|
||||
const teamId = creds?.teamId ? teamIdschema.parse({ teamId: creds.teamId }).teamId : undefined;
|
||||
|
||||
if (session?.user.username === creds?.username) {
|
||||
if (session?.user.username === creds?.username || session?.user.email === creds?.username) {
|
||||
throw new Error("You cannot impersonate yourself.");
|
||||
}
|
||||
|
||||
if (!creds?.username) throw new Error("Username must be present");
|
||||
if (!creds?.username) throw new Error("User identifier must be present");
|
||||
// If you are an ADMIN we return way before team impersonation logic is executed, so NEXT_PUBLIC_TEAM_IMPERSONATION certainly true
|
||||
if (session?.user.role !== "ADMIN" && process.env.NEXT_PUBLIC_TEAM_IMPERSONATION === "false") {
|
||||
throw new Error("You do not have permission to do this.");
|
||||
}
|
||||
|
||||
// Get user who is being impersonated
|
||||
const impersonatedUser = await prisma.user.findUnique({
|
||||
const impersonatedUser = await prisma.user.findFirst({
|
||||
where: {
|
||||
username: creds?.username,
|
||||
OR: [{ username: creds?.username }, { email: creds?.username }],
|
||||
},
|
||||
select: {
|
||||
id: true,
|
||||
|
|
|
@ -5,7 +5,8 @@ import { useState } from "react";
|
|||
|
||||
import { WEBAPP_URL } from "@calcom/lib/constants";
|
||||
import { useLocale } from "@calcom/lib/hooks/useLocale";
|
||||
import { RouterOutputs, trpc } from "@calcom/trpc/react";
|
||||
import type { RouterOutputs } from "@calcom/trpc/react";
|
||||
import { trpc } from "@calcom/trpc/react";
|
||||
import useMeQuery from "@calcom/trpc/react/hooks/useMeQuery";
|
||||
import {
|
||||
Avatar,
|
||||
|
@ -251,7 +252,7 @@ export default function MemberListItem(props: Props) {
|
|||
onSubmit={async (e) => {
|
||||
e.preventDefault();
|
||||
await signIn("impersonation-auth", {
|
||||
username: props.member.username,
|
||||
username: props.member.username || props.member.email,
|
||||
teamId: props.team.id,
|
||||
});
|
||||
setShowImpersonateModal(false);
|
||||
|
|
Loading…
Reference in New Issue
Block a user