ben.carrasco/jambonz-api-server
1
0
Fork 0
mirror of https://github.com/jambonz/jambonz-api-server.git synced 2026-01-25 02:08:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

SP users were not able to update Phone numbers (#158)

Browse Source 
Co-authored-by: eglehelms <e.helms@cognigy.com>
This commit is contained in:
EgleH
2023-04-24 13:46:57 +02:00
committed by GitHub
parent a574045f8a
commit 105aa16ffe
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/routes/api/phone-numbers.js
View File

@@ -2,6 +2,7 @@ const router = require('express').Router();
const {DbErrorBadRequest, DbErrorForbidden} = require('../../utils/errors');
const PhoneNumber = require('../../models/phone-number');
const VoipCarrier = require('../../models/voip-carrier');
const Account = require('../../models/account');
const decorate = require('./decorate');
const {promisePool} = require('../../db');
const {e164} = require('../../utils/phone-number-utils');
@@ -67,7 +68,16 @@ async function validateUpdate(req, sid) {
}
}
if (req.user.hasServiceProviderAuth) {
if (phoneNumber && phoneNumber.length && phoneNumber[0].service_provider_sid !== req.user.service_provider_sid) {
let service_provider_sid;
if (!phoneNumber[0].service_provider_sid) {
const [r] = await Account.retrieve(phoneNumber[0].account_sid);
service_provider_sid = r.service_provider_sid;
} else {
service_provider_sid = phoneNumber[0].service_provider_sid;
}
if (phoneNumber && phoneNumber.length && service_provider_sid !== req.user.service_provider_sid) {
throw new DbErrorForbidden('insufficient privileges');
}
}