From 5cd63144383aaf5ae7287d3759d25e334e2d7fd0 Mon Sep 17 00:00:00 2001
From: Justin Gasper
Date: Mon, 20 May 2024 15:29:38 +1000
Subject: [PATCH] Add 'tgadmin' to administrator auth checks for Topgear
---
 src/services/ReviewService.js | 2 +-
 src/services/ReviewSummationService.js | 2 +-
 src/services/SubmissionService.js | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/services/ReviewService.js b/src/services/ReviewService.js
index a8ec3f0..76f62d6 100644
--- a/src/services/ReviewService.js
+++ b/src/services/ReviewService.js
@@ -165,7 +165,7 @@ async function createReview (authUser, entity) {
 entity
 )
- if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) {
+ if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) {
 if (entity.reviewedDate) {
 throw new errors.HttpStatusError(403, 'You are not allowed to set the `reviewedDate` attribute on a review')
 }
diff --git a/src/services/ReviewSummationService.js b/src/services/ReviewSummationService.js
index 6d59684..d56dabe 100644
--- a/src/services/ReviewSummationService.js
+++ b/src/services/ReviewSummationService.js
@@ -102,7 +102,7 @@ async function createReviewSummation (authUser, entity) {
 item.isFinal = entity.isFinal
 }
- if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) {
+ if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) {
 if (entity.reviewedDate) {
 throw new errors.HttpStatusError(403, 'You are not allowed to set the `reviewedDate` attribute on a review summation')
 }
diff --git a/src/services/SubmissionService.js b/src/services/SubmissionService.js
index c9f7c1e..5635a94 100755
--- a/src/services/SubmissionService.js
+++ b/src/services/SubmissionService.js
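Review bot: The role comparison in the createReview hunk of ReviewService.js is case-sensitive, and the new role is added in one spelling only (`'tgadmin'`) while the existing one is listed as both `'Administrator'` and `'administrator'`; if roles in the token can vary in case, a differently cased Topgear admin role would be treated as a non-admin. The same inline list is repeated in the createReviewSummation and createSubmission hunks, so the three privilege checks can drift apart the next time a role is added or removed. Consider a single shared check that normalises case before comparing, for example `const isAdmin = _.intersection(_.map(authUser.roles, _.toLower), ['administrator', 'tgadmin']).length > 0`, used by all three services. All three enclosing functions start and end outside their hunks.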
@@ -403,7 +403,7 @@ async function createSubmission (authUser, files, entity) {
 }
 logger.info('Check User access before creating the submission')
- if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) {
+ if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) {
 await helper.checkCreateAccess(authUser, item.memberId, challenge)
 if (entity.submittedDate) {
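Review bot: Adding `'tgadmin'` to this condition skips `helper.checkCreateAccess(authUser, item.memberId, challenge)` entirely, and nothing in the hunk limits that to Topgear challenges, so the role appears to receive the full administrator bypass: creating a submission for any `memberId` on any challenge, and presumably exemption from the `submittedDate` restriction that follows. If the intent is Topgear-only administration, the bypass should also depend on the challenge being a Topgear one (`challenge` is already in scope on that line); otherwise the wider grant should be stated in a comment such as `// tgadmin is treated as a full administrator here, not only on Topgear challenges`. The `!authUser.scopes` term on the same line exempts any token that carries a scopes value, whatever the scopes are; whether an earlier check validates them is not visible in this hunk. createSubmission's body continues outside the hunk.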