asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

chore(medusa): middleware policies (#14521)

Browse Source
This commit is contained in:
Carlos R. L. Rodrigues
2026-01-13 16:46:53 -03:00
committed by GitHub
parent cec8b8e428
commit 8426fca710
13 changed files with 146 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
packages/core/core-flows/src/rbac/steps/validate-user-permissions.ts
View File

@@ -38,10 +38,7 @@ export const validateUserPermissionsStep = createStep(
})
if (!users?.[0]?.rbac_roles || users[0].rbac_roles.length === 0) {
throw new MedusaError(
MedusaError.Types.UNAUTHORIZED,
`User does not have any roles assigned and cannot create roles or assign policies`
)
throw new MedusaError(MedusaError.Types.UNAUTHORIZED, "Unauthorized")
}
const operationMap = new Map()
@@ -79,18 +76,7 @@ export const validateUserPermissionsStep = createStep(
}
if (unauthorizedPolicies.length) {
const policyMap = new Map(
allUserPolicies.map((p) => [p.id, p.name || p.key])
)
const unauthorizedNames = unauthorizedPolicies
.map((id) => policyMap.get(id) || id)
.join(", ")
throw new MedusaError(
MedusaError.Types.UNAUTHORIZED,
`User does not have access to the following policies and cannot assign them: ${unauthorizedNames}`
)
throw new MedusaError(MedusaError.Types.UNAUTHORIZED, "Unauthorized")
}
}
)