hailin
/
it0
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(auth): allow platform_admin to access settings endpoints 

SettingsController was restricted to 'admin' only, blocking platform_admin
from the dashboard settings page (403 on general/api-keys/theme/account).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
hailin 2026-03-07 05:51:14 -08:00
parent 4aabda440f
commit 5b5b3ea70d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/services/auth-service/src/interfaces/rest/controllers/settings.controller.ts
View File

@ -20,7 +20,7 @@ import * as crypto from 'crypto';
@Controller('api/v1/admin/settings') @Controller('api/v1/admin/settings')
@UseGuards(RolesGuard) @UseGuards(RolesGuard)
@Roles('admin') @Roles('admin', 'platform_admin', 'platform_super_admin')
export class SettingsController { export class SettingsController {
// In-memory store for platform settings (would be a DB table in production) // In-memory store for platform settings (would be a DB table in production)
private generalSettings: Record<string, any> = { private generalSettings: Record<string, any> = {