From aa58b9e7452e2bc0ca00a5dc945b5d194fecbbeb Mon Sep 17 00:00:00 2001 From: hailin Date: Sun, 4 Jan 2026 04:07:23 -0800 Subject: [PATCH] fix(leaderboard-service): fix AdminGuard role case sensitivity MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The AdminAccount table stores roles in lowercase (admin, super_admin), but AdminGuard was checking for uppercase (ADMIN, SUPER_ADMIN). This caused 403 Forbidden errors for authenticated admin users. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .../leaderboard-service/src/api/guards/admin.guard.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/backend/services/leaderboard-service/src/api/guards/admin.guard.ts b/backend/services/leaderboard-service/src/api/guards/admin.guard.ts index 9ed85ed0..b5c030cd 100644 --- a/backend/services/leaderboard-service/src/api/guards/admin.guard.ts +++ b/backend/services/leaderboard-service/src/api/guards/admin.guard.ts @@ -11,7 +11,9 @@ export class AdminGuard implements CanActivate { } // 检查用户是否具有管理员角色 - const isAdmin = user.role === 'ADMIN' || user.role === 'SUPER_ADMIN'; + // 支持大小写: admin/ADMIN, super_admin/SUPER_ADMIN + const role = user.role?.toLowerCase(); + const isAdmin = role === 'admin' || role === 'super_admin'; if (!isAdmin) { throw new ForbiddenException('需要管理员权限');