Fix/user update fails

apps/admin-server/src/components/user-role-dropdown-list.tsx

@@ -9,14 +9,18 @@ import {
 const UserRoleDropdownList = ({
   roleId,
   addProject,
+  disabled = false
 }: {
   roleId?: string;
   addProject: (roleId: string) => void;
+  disabled?: boolean;
 }) => {
   return (
     <Select
       defaultValue={roleId ? roleId : ''}
-      onValueChange={(value: string) => addProject(value)}>
+      onValueChange={(value: string) => addProject(value)}
+      disabled={disabled}
+    >
       <SelectTrigger>
         <SelectValue placeholder="" />
       </SelectTrigger>

apps/admin-server/src/pages/users/[user]/projects.tsx

@@ -118,6 +118,9 @@ export default function CreateUserProjects() {
                 } else {
                   user = users.find((user:any) => user.projectId == project.id);
                 }
+
+                const cannotCreateNewUsers = project?.config?.users?.canCreateNewUsers === false;
+
                 return (
                   <li key={project.id} className="grid grid-cols-1 lg:grid-cols-2 items-center py-3 h-fit hover:bg-secondary-background hover:cursor-pointer border-b border-border">
                     <Paragraph className="truncate">{project.name}</Paragraph>
@@ -127,6 +130,7 @@ export default function CreateUserProjects() {
                         addProject={(roleId) => {
                           addProject(project.id, roleId);
                         }}
+                        disabled={cannotCreateNewUsers}
                       />
                     </Paragraph>
                   </li>

apps/api-server/src/middleware/user.js

@@ -124,7 +124,7 @@ async function getUserInstance({ authConfig, authProvider, userId, isFixed, proj
     }
 
     if (!dbUser || ( !dbUser.idpUser || !dbUser.idpUser.accesstoken ) ) {
-      return {};
+      return dbUser;
     }
 
   } catch(err) {

apps/api-server/src/models/User.js

@@ -45,51 +45,7 @@ module.exports = function (db, sequelize, DataTypes) {
       },
 			auth:  {
         viewableBy: ['moderator', 'owner'],
-				/**
-				 * In case of setting the role
-				 * Admin are allowed to set all roles, but moderators only are allowed
-				 * to set members.
-				 *
-				 * @param actionUserRole
-				 * @param action (c)
-				 * @param user ()
-				 * @param self (user model)
-				 * @param project (project on which model is queried)
-				 */
-				authorizeData: function(actionUserRole, action, user, self, project) {
-					if (!self) return;
-
-					const updateAllRoles = ['admin'];
-					const updateMemberRoles = ['moderator'];
-					const fallBackRole = 'anonymous';
-					const memberRole = 'member';
-
-					// this is the role for User on which action is performed, not of the user doing the update
-          actionUserRole = actionUserRole || self.role;
-
-					// by default return anonymous role if none of the conditions are met
-					let roleToReturn;
-
-					// only for create and update check if allowed, the other option, view and list
-					// for now its ok if a the public sees the role
-					// for fields no DELETE action exists
-					if (action === 'create' || action === 'update') {
-						// if user is allowed to update all status
-						if (userHasRole(user, updateAllRoles)) {
-							roleToReturn = actionUserRole;
-						  // check if active user is allowed to set user's role to member
-						} else if (userHasRole(user, updateMemberRoles) && actionUserRole === memberRole) {
-							roleToReturn = actionUserRole;
-						} else {
-							roleToReturn = fallBackRole;
-						}
-
-					} else {
-						roleToReturn = actionUserRole;
-					}
-
-					return roleToReturn;
-				},
+        updateableBy: ['admin']
 			},
     },
 
@@ -284,9 +240,10 @@ module.exports = function (db, sequelize, DataTypes) {
       allowNull: true,
       defaultValue: null,
       validate: {
-        is: {
-          args: [/^\d{4} ?[a-zA-Z]{2}$/],
-          msg: 'Ongeldige postcode'
+        isValidPostcode(value) {
+          if (value && !/^\d{4} ?[a-zA-Z]{2}$/.test(value)) {
+            throw new Error('Ongeldige postcode');
+          }
         }
       },
       set: function (postcode) {
@@ -678,10 +635,12 @@ module.exports = function (db, sequelize, DataTypes) {
       if (instance.projectId && !instance.config) {
         db.Project.findByPk(instance.projectId)
           .then(project => {
-            instance.config = merge.recursive(true, config, project.config);
-            return project;
-          })
-          .then(project => {
+            if (project && project.config) {
+              instance.config = merge.recursive(true, config, project.config);
+              return project;
+            } else {
+              instance.config = merge.recursive(true, config);
+            }
             return resolve();
           }).catch(err => {
             throw err;