fix: allow host role update user info (#2515)

2 years ago · d758ba2702
parent 0f126ec217
commit d758ba2702
1 changed files with 1 additions and 1 deletions
--- a/api/v2/user_service.go
+++ b/api/v2/user_service.go
@ -96,7 +96,7 @@ func (s *APIV2Service) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUs
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed to get user: %v", err)
 	}
-	if currentUser.Username != username && currentUser.Role != store.RoleAdmin {
+	if currentUser.Username != username && currentUser.Role != store.RoleAdmin && currentUser.Role != store.RoleHost {
 		return nil, status.Errorf(codes.PermissionDenied, "permission denied")
 	}
 	if request.UpdateMask == nil || len(request.UpdateMask.Paths) == 0 {