pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-22 15:51:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix edge function role check

Browse Source
This commit is contained in:
gpt-engineer-app[bot]
2025-10-09 17:07:42 +00:00
parent 9866b87f7f
commit ff7c90e62d
1 changed files with 12 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
supabase/functions/process-selective-approval/index.ts
View File

@@ -88,21 +88,25 @@ serve(async (req) => {
);
// Check if user has moderator permissions using service role to bypass RLS
const { data: profile, error: profileError } = await supabase
.from('profiles')
const { data: roles, error: rolesError } = await supabase
.from('user_roles')
.select('role')
.eq('user_id', authenticatedUserId)
.single();
.eq('user_id', authenticatedUserId);
if (profileError || !profile) {
console.error('Failed to fetch profile:', profileError);
if (rolesError) {
console.error('Failed to fetch user roles:', rolesError);
return new Response(
JSON.stringify({ error: 'User profile not found.' }),
JSON.stringify({ error: 'Failed to verify user permissions.' }),
{ status: 403, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
}
if (profile.role !== 'moderator' && profile.role !== 'admin') {
const userRoles = roles?.map(r => r.role) || [];
const isModerator = userRoles.includes('moderator') ||
userRoles.includes('admin') ||
userRoles.includes('superuser');
if (!isModerator) {
return new Response(
JSON.stringify({ error: 'Insufficient permissions. Moderator role required.' }),
{ status: 403, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }