From c1377a8666c86eb38af7784988b6d0c861dfb45e Mon Sep 17 00:00:00 2001 From: Nicholas Wallace Date: Mon, 2 Sep 2024 09:07:02 -0700 Subject: [PATCH] Fix: root user cannot be edited --- server/controllers/UserController.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/server/controllers/UserController.js b/server/controllers/UserController.js index d1b93695c..73ab21f3b 100644 --- a/server/controllers/UserController.js +++ b/server/controllers/UserController.js @@ -226,7 +226,10 @@ class UserController { return res.status(400).send('Invalid username') } if (updatePayload.type && !Database.userModel.accountTypes.includes(updatePayload.type)) { - return res.status(400).send('Invalid account type') + // Root user is not included in the OAuth account types so it cannot be overwritten + if (updatePayload.type !== 'root') { + return res.status(400).send('Invalid account type') + } } if (updatePayload.permissions && typeof updatePayload.permissions !== 'object') { return res.status(400).send('Invalid permissions')