From 4214b4f61363017264cd59b8d4b1a9bc20f2631c Mon Sep 17 00:00:00 2001
From: michael-pattern <michael@patternresearch.net>
Date: Fri, 17 May 2024 10:59:20 -0400
Subject: [PATCH] Use LOGIN_PERMISSIONS_* to compile permissions directly
 instead of creating logins. Accept req.user.login in hasPermission

---
 packages/api/src/utility/hasPermission.js | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/packages/api/src/utility/hasPermission.js b/packages/api/src/utility/hasPermission.js
index 1d32fb222..d8c7d15bc 100644
--- a/packages/api/src/utility/hasPermission.js
+++ b/packages/api/src/utility/hasPermission.js
@@ -9,7 +9,8 @@ function hasPermission(tested, req) {
     return true;
   }
   const { user } = (req && req.auth) || {};
-  const key = user || '';
+  const { login } = (process.env.OAUTH_PERMISSIONS && req && req.user) || {};
+  const key = user || login || '';
   const logins = getLogins();
 
   if (!userPermissions[key]) {
@@ -58,11 +59,7 @@ function getLogins() {
     for (const permissions_key of login_permission_keys) {
       const login = permissions_key.replace('LOGIN_PERMISSIONS_', '');
       const permissions = process.env[permissions_key];
-      res.push({
-        login,
-        password: null,
-        permissions,
-      })
+      userPermissions[login] = compilePermissions(permissions);
     }
   }