ben.carrasco/jambonz-api-server
1
0
Fork 0
mirror of https://github.com/jambonz/jambonz-api-server.git synced 2025-12-19 05:47:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

user should be able to change the temprary password (#407)

Browse Source 
Refer to https://github.com/jambonz/jambonz-api-server/issues/406
This commit is contained in:
rammohan-y
2025-04-09 19:02:15 +05:30
committed by GitHub
parent 4c935c7fda
commit e24f3472ae
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/middleware.js
View File

@@ -33,6 +33,10 @@ function verifyViewOnlyUser(req, res, next) {
if (req.method === 'GET') { if (req.method === 'GET') {
return next(); return next();
} }
// current user is changing their password which shuould be allowed
if (req.body?.old_password && req.body?.new_password) {
return next();
}
// Check if user is read-only // Check if user is read-only
if (req.user && !!req.user.is_view_only) { if (req.user && !!req.user.is_view_only) {
const upError = new UserPermissionError('User has view-only access'); const upError = new UserPermissionError('User has view-only access');