diff --git a/services/web/app/src/Features/Helpers/AuthorizationHelper.js b/services/web/app/src/Features/Helpers/AuthorizationHelper.js index 3eb8cd11fd..8369f2d321 100644 --- a/services/web/app/src/Features/Helpers/AuthorizationHelper.js +++ b/services/web/app/src/Features/Helpers/AuthorizationHelper.js @@ -1,14 +1,10 @@ const { UserSchema } = require('../../models/User') -const { hasAdminAccess } = require('./AdminAuthorizationHelper') module.exports = { hasAnyStaffAccess, } function hasAnyStaffAccess(user) { - if (hasAdminAccess(user)) { - return true - } if (!user.staffAccess) { return false } diff --git a/services/web/app/src/Features/UserMembership/UserMembershipAuthorization.js b/services/web/app/src/Features/UserMembership/UserMembershipAuthorization.js index a5c2f8fa48..e7cd9caccf 100644 --- a/services/web/app/src/Features/UserMembership/UserMembershipAuthorization.js +++ b/services/web/app/src/Features/UserMembership/UserMembershipAuthorization.js @@ -1,13 +1,9 @@ -const { hasAdminAccess } = require('../Helpers/AdminAuthorizationHelper') const UserMembershipAuthorization = { hasStaffAccess(requiredStaffAccess) { return req => { if (!req.user) { return false } - if (hasAdminAccess(req.user)) { - return true - } return ( requiredStaffAccess && req.user.staffAccess && diff --git a/services/web/test/unit/src/HelperFiles/AuthorizationHelperTests.js b/services/web/test/unit/src/HelperFiles/AuthorizationHelperTests.js index ac0e84ee71..7a887e2beb 100644 --- a/services/web/test/unit/src/HelperFiles/AuthorizationHelperTests.js +++ b/services/web/test/unit/src/HelperFiles/AuthorizationHelperTests.js @@ -43,7 +43,7 @@ describe('AuthorizationHelper', function () { it('with admin user', function () { const user = { isAdmin: true } this.AdminAuthorizationHelper.hasAdminAccess.returns(true) - expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.true + expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false }) it('with staff user', function () {