From d758ba270254c1f00b0fb24e42696a1d60faa63e Mon Sep 17 00:00:00 2001 From: Vespa314 Date: Wed, 15 Nov 2023 11:43:49 +0800 Subject: [PATCH] fix: allow host role update user info (#2515) --- api/v2/user_service.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/v2/user_service.go b/api/v2/user_service.go index 161ca5ad..47aec805 100644 --- a/api/v2/user_service.go +++ b/api/v2/user_service.go @@ -96,7 +96,7 @@ func (s *APIV2Service) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUs if err != nil { return nil, status.Errorf(codes.Internal, "failed to get user: %v", err) } - if currentUser.Username != username && currentUser.Role != store.RoleAdmin { + if currentUser.Username != username && currentUser.Role != store.RoleAdmin && currentUser.Role != store.RoleHost { return nil, status.Errorf(codes.PermissionDenied, "permission denied") } if request.UpdateMask == nil || len(request.UpdateMask.Paths) == 0 {