Update to consume email from core response

supertokens · Sep 11, 2023 · 7e14de9 · 7e14de9
1 parent 6e7f54b
commit 7e14de9
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 14 deletions.
diff --git a/lib/build/recipe/dashboard/recipeImplementation.js b/lib/build/recipe/dashboard/recipeImplementation.js
@@ -96,18 +96,23 @@ function getRecipeImplementation() {
                             return true;
                         }
                         const admins = input.config.admins;
-                        // If the user has provided no admins, allow
-                        if (admins.length === 0) {
+                        if (admins === undefined) {
                             return true;
                         }
-                        const emailInHeaders = input.req.getHeaderValue("email");
-                        if (emailInHeaders === undefined) {
+                        if (admins.length === 0) {
+                            logger_1.logDebugMessage(
+                                "User Dashboard: Throwing OPERATION_NOT_ALLOWED because user is not an admin"
+                            );
+                            throw new error_1.default();
+                        }
+                        const userEmail = sessionVerificationResponse.email;
+                        if (userEmail === undefined || typeof userEmail !== "string") {
                             logger_1.logDebugMessage(
                                 "User Dashboard: Returning Unauthorised because no email was provided in headers"
                             );
                             return false;
                         }
-                        if (!admins.includes(emailInHeaders)) {
+                        if (!admins.includes(userEmail)) {
                             logger_1.logDebugMessage(
                                 "User Dashboard: Throwing OPERATION_NOT_ALLOWED because user is not an admin"
                             );

diff --git a/lib/build/recipe/dashboard/types.d.ts b/lib/build/recipe/dashboard/types.d.ts
@@ -15,7 +15,7 @@ export declare type TypeInput = {
 };
 export declare type TypeNormalisedInput = {
     apiKey?: string;
-    admins: string[];
+    admins?: string[];
     authMode: AuthMode;
     override: {
         functions: (

diff --git a/lib/build/recipe/dashboard/utils.js b/lib/build/recipe/dashboard/utils.js
@@ -78,7 +78,7 @@ function validateAndNormaliseUserInput(config) {
     ) {
         logger_1.logDebugMessage("User Dashboard: Providing 'admins' has no effect when using an apiKey.");
     }
-    let admins = [];
+    let admins;
     if ((config === null || config === void 0 ? void 0 : config.admins) !== undefined) {
         admins = config.admins.map((email) => utils_1.normaliseEmail(email));
     }

diff --git a/lib/ts/recipe/dashboard/recipeImplementation.ts b/lib/ts/recipe/dashboard/recipeImplementation.ts
@@ -59,21 +59,25 @@ export default function getRecipeImplementation(): RecipeInterface {
 
                     const admins = input.config.admins;
 
-                    // If the user has provided no admins, allow
-                    if (admins.length === 0) {
+                    if (admins === undefined) {
                         return true;
                     }
 
-                    const emailInHeaders = input.req.getHeaderValue("email");
+                    if (admins.length === 0) {
+                        logDebugMessage("User Dashboard: Throwing OPERATION_NOT_ALLOWED because user is not an admin");
+                        throw new RecipeError();
+                    }
+
+                    const userEmail = sessionVerificationResponse.email;
 
-                    if (emailInHeaders === undefined) {
+                    if (userEmail === undefined || typeof userEmail !== "string") {
                         logDebugMessage(
                             "User Dashboard: Returning Unauthorised because no email was provided in headers"
                         );
                         return false;
                     }
 
-                    if (!admins.includes(emailInHeaders)) {
+                    if (!admins.includes(userEmail)) {
                         logDebugMessage("User Dashboard: Throwing OPERATION_NOT_ALLOWED because user is not an admin");
                         throw new RecipeError();
                     }

diff --git a/lib/ts/recipe/dashboard/types.ts b/lib/ts/recipe/dashboard/types.ts
@@ -31,7 +31,7 @@ export type TypeInput = {
 
 export type TypeNormalisedInput = {
     apiKey?: string;
-    admins: string[];
+    admins?: string[];
     authMode: AuthMode;
     override: {
         functions: (

diff --git a/lib/ts/recipe/dashboard/utils.ts b/lib/ts/recipe/dashboard/utils.ts
@@ -49,7 +49,7 @@ export function validateAndNormaliseUserInput(config?: TypeInput): TypeNormalise
         logDebugMessage("User Dashboard: Providing 'admins' has no effect when using an apiKey.");
     }
 
-    let admins: string[] = [];
+    let admins: string[] | undefined;
 
     if (config?.admins !== undefined) {
         admins = config.admins.map((email) => normaliseEmail(email));