fix: select role from admin_users instead of admin_user_brands
Deploy to route.crispygoat.com / deploy (push) Has been cancelled

The membership query in getAdminUser() was selecting role from
adminUserBrands.adminUserId, which is wrong - admin_user_brands has no
role column. Role is stored in admin_users. Also added try/catch
around withPlatformAdmin to prevent DB errors from throwing.
This commit is contained in:
openclaw
2026-06-09 14:42:43 -06:00
parent b46e00fefd
commit 653dce747b
2 changed files with 81 additions and 62 deletions
+42 -35
View File
@@ -47,45 +47,52 @@ export async function getAdminUser(): Promise<AdminUser | null> {
if (!sessionEmail) return null;
return await withPlatformAdmin(async (db) => {
const userRows = await db
.select()
.from(adminUsers)
.where(eq(adminUsers.email, sessionEmail.toLowerCase()))
.limit(1);
const user = userRows[0];
if (!user) return null;
try {
return await withPlatformAdmin(async (db) => {
const userRows = await db
.select()
.from(adminUsers)
.where(eq(adminUsers.email, sessionEmail.toLowerCase()))
.limit(1);
const user = userRows[0];
if (!user) return null;
const membershipRows = await db
.select({
brandId: adminUserBrands.brandId,
brandName: brands.name,
brandSlug: brands.slug,
role: adminUserBrands.adminUserId,
})
.from(adminUserBrands)
.innerJoin(brands, eq(brands.id, adminUserBrands.brandId))
.where(eq(adminUserBrands.adminUserId, user.id))
.limit(1);
const membershipRows = await db
.select({
brandId: adminUserBrands.brandId,
brandName: brands.name,
brandSlug: brands.slug,
// Role comes from admin_users table, not admin_user_brands
role: adminUsers.role,
})
.from(adminUserBrands)
.innerJoin(brands, eq(brands.id, adminUserBrands.brandId))
.innerJoin(adminUsers, eq(adminUsers.id, adminUserBrands.adminUserId))
.where(eq(adminUserBrands.adminUserId, user.id))
.limit(1);
if (membershipRows.length === 0) {
// Signed in but not provisioned for any brand.
return null;
}
if (membershipRows.length === 0) {
// Signed in but not provisioned for any brand.
return null;
}
const m = membershipRows[0];
const role = user.role as AdminRole;
return buildAdminUser({
id: user.id,
email: user.email,
displayName: user.name,
brandId: m.brandId,
brandName: m.brandName,
brandSlug: m.brandSlug,
role,
active: true,
const m = membershipRows[0];
const role = user.role as AdminRole;
return buildAdminUser({
id: user.id,
email: user.email,
displayName: user.name,
brandId: m.brandId,
brandName: m.brandName,
brandSlug: m.brandSlug,
role,
active: true,
});
});
});
} catch (err) {
console.error("[admin-permissions] Database query failed:", err);
return null;
}
}
/**