highperfocused/danswer
1
0
Fork 0
mirror of https://github.com/danswer-ai/danswer.git synced 2025-09-26 20:08:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

k

Browse Source
This commit is contained in:
pablodanswer
2024-12-28 17:26:35 -05:00
parent 340fab1375
commit 2ad8bdbc65
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/onyx/auth/schemas.py
View File

@@ -49,4 +49,6 @@ class UserCreate(schemas.BaseUserCreate):
class UserUpdate(schemas.BaseUserUpdate): class UserUpdate(schemas.BaseUserUpdate):
role: UserRole # Role updates are not allowed through the user update endpoint for security reasons
# Role changes should be handled through a separate, admin-only process
pass

1
backend/onyx/auth/users.py
View File

@@ -252,7 +252,6 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
if not user.role.is_web_login() and user_create.role.is_web_login(): if not user.role.is_web_login() and user_create.role.is_web_login():
user_update = UserUpdate( user_update = UserUpdate(
password=user_create.password, password=user_create.password,
role=user_create.role,
is_verified=user_create.is_verified, is_verified=user_create.is_verified,
) )
user = await self.update(user_update, user) user = await self.update(user_update, user)