groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(api): correct superuser guard condition from <= 1 to < 1

Browse Source 
The guardrail should block ONLY when there are zero other active super
users. With the previous <= 1 condition, revoking/deleting a superuser
was incorrectly blocked when there were exactly 2 superusers total
(count of 1 other <= 1 triggered the block). Change to < 1 so that
having 1+ other superuser(s) correctly allows the operation.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
groombook-ci[bot]
2026-03-29 20:47:26 +00:00
parent 7523d4cbd9
commit 9724327559
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/api/src/routes/staff.ts
+2 -2
View File
@@ -120,7 +120,7 @@ staffRouter.patch("/:id", zValidator("json", updateStaffSchema), async (c) => {
.where(and(eq(staff.isSuperUser, true), eq(staff.active, true), ne(staff.id, targetId)))
.limit(2);
if (superUserCount.length <= 1) {
if (superUserCount.length < 1) {
return [
body.isSuperUser === false
? "Cannot revoke the last super user. Assign another super user first."
@@ -201,7 +201,7 @@ staffRouter.delete("/:id", async (c) => {
.from(staff)
.where(and(eq(staff.isSuperUser, true), eq(staff.active, true), ne(staff.id, id)))
.limit(2);
if (superUserCount.length <= 1) {
if (superUserCount.length < 1) {
return ["Cannot delete the last super user. Assign another super user first.", null];
}
}