maronato/cal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

User email as impersonation if username is null (#7250)

This commit is contained in:
sean-brydon 2023-02-21 17:12:26 +00:00 committed by GitHub
parent bfc81b770a
commit c8019edb57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
packages/features/ee/impersonation/lib/ImpersonationProvider.ts
View File

@ -1,4 +1,4 @@
import { User } from "@prisma/client"; import type { User } from "@prisma/client";
import CredentialsProvider from "next-auth/providers/credentials"; import CredentialsProvider from "next-auth/providers/credentials";
import { getSession } from "next-auth/react"; import { getSession } from "next-auth/react";
import { z } from "zod"; import { z } from "zod";
@ -58,20 +58,20 @@ const ImpersonationProvider = CredentialsProvider({
// If teamId is present -> parse the teamId and throw error itn ot number. If not present teamId is set to undefined // If teamId is present -> parse the teamId and throw error itn ot number. If not present teamId is set to undefined
const teamId = creds?.teamId ? teamIdschema.parse({ teamId: creds.teamId }).teamId : undefined; const teamId = creds?.teamId ? teamIdschema.parse({ teamId: creds.teamId }).teamId : undefined;
if (session?.user.username === creds?.username) { if (session?.user.username === creds?.username || session?.user.email === creds?.username) {
throw new Error("You cannot impersonate yourself."); throw new Error("You cannot impersonate yourself.");
} }
if (!creds?.username) throw new Error("Username must be present"); if (!creds?.username) throw new Error("User identifier must be present");
// If you are an ADMIN we return way before team impersonation logic is executed, so NEXT_PUBLIC_TEAM_IMPERSONATION certainly true // If you are an ADMIN we return way before team impersonation logic is executed, so NEXT_PUBLIC_TEAM_IMPERSONATION certainly true
if (session?.user.role !== "ADMIN" && process.env.NEXT_PUBLIC_TEAM_IMPERSONATION === "false") { if (session?.user.role !== "ADMIN" && process.env.NEXT_PUBLIC_TEAM_IMPERSONATION === "false") {
throw new Error("You do not have permission to do this."); throw new Error("You do not have permission to do this.");
} }
// Get user who is being impersonated // Get user who is being impersonated
const impersonatedUser = await prisma.user.findUnique({ const impersonatedUser = await prisma.user.findFirst({
where: { where: {
username: creds?.username, OR: [{ username: creds?.username }, { email: creds?.username }],
}, },
select: { select: {
id: true, id: true,

5
packages/features/ee/teams/components/MemberListItem.tsx
View File

@ -5,7 +5,8 @@ import { useState } from "react";
import { WEBAPP_URL } from "@calcom/lib/constants"; import { WEBAPP_URL } from "@calcom/lib/constants";
import { useLocale } from "@calcom/lib/hooks/useLocale"; import { useLocale } from "@calcom/lib/hooks/useLocale";
import { RouterOutputs, trpc } from "@calcom/trpc/react"; import type { RouterOutputs } from "@calcom/trpc/react";
import { trpc } from "@calcom/trpc/react";
import useMeQuery from "@calcom/trpc/react/hooks/useMeQuery"; import useMeQuery from "@calcom/trpc/react/hooks/useMeQuery";
import { import {
Avatar, Avatar,
@ -251,7 +252,7 @@ export default function MemberListItem(props: Props) {
onSubmit={async (e) => { onSubmit={async (e) => {
e.preventDefault(); e.preventDefault();
await signIn("impersonation-auth", { await signIn("impersonation-auth", {
username: props.member.username, username: props.member.username || props.member.email,
teamId: props.team.id, teamId: props.team.id,
}); });
setShowImpersonateModal(false); setShowImpersonateModal(false);