Bugfix/fix public page (#2065)

* Check for user in request because of public page * Update changelog
2 years ago · b4a126280f
parent 2d009aacc4
commit b4a126280f
2 changed files with 29 additions and 14 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed

 - Fixed an issue with the value nullification related to the investment streaks
+- Fixed an issue in the public page related to the impersonation service

 ## 1.278.0 - 2023-06-09

--- a/apps/api/src/services/impersonation/impersonation.service.ts
+++ b/apps/api/src/services/impersonation/impersonation.service.ts
@ -12,22 +12,36 @@ export class ImpersonationService {
  ) {}

  public async validateImpersonationId(aId = '') {
-    const accessObject = await this.prismaService.access.findFirst({
-      where: {
-        GranteeUser: { id: this.request.user.id },
-        id: aId
+    if (this.request.user) {
+      const accessObject = await this.prismaService.access.findFirst({
+        where: {
+          GranteeUser: { id: this.request.user.id },
+          id: aId
+        }
+      });
+
+      if (accessObject?.userId) {
+        return accessObject.userId;
+      } else if (
+        hasPermission(
+          this.request.user.permissions,
+          permissions.impersonateAllUsers
+        )
+      ) {
+        return aId;
      }
-    });
+    } else {
+      // Public access
+      const accessObject = await this.prismaService.access.findFirst({
+        where: {
+          GranteeUser: null,
+          User: { id: aId }
+        }
+      });

-    if (accessObject?.userId) {
-      return accessObject?.userId;
-    } else if (
-      hasPermission(
-        this.request.user.permissions,
-        permissions.impersonateAllUsers
-      )
-    ) {
-      return aId;
+      if (accessObject?.userId) {
+        return accessObject.userId;
+      }
    }

    return null;