diff --git a/ee/api/chalicelib/blueprints/bp_core_dynamic.py b/ee/api/chalicelib/blueprints/bp_core_dynamic.py index 8ce7d9bc2..bc2a9c5ef 100644 --- a/ee/api/chalicelib/blueprints/bp_core_dynamic.py +++ b/ee/api/chalicelib/blueprints/bp_core_dynamic.py @@ -386,7 +386,7 @@ def change_password_by_invitation(): data = app.current_request.json_body if data is None or len(data.get("invitation", "")) < 64 or len(data.get("pass", "")) < 8: return {"errors": ["please provide a valid invitation & pass"]} - user = users.get_by_invitation_token(token=data["token"], pass_token=data["pass"]) + user = users.get_by_invitation_token(token=data["invitation"], pass_token=data["pass"]) if user is None: return {"errors": ["invitation not found"]} if user["expiredChange"]: diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py index 63946282e..3b8f2dbb9 100644 --- a/ee/api/chalicelib/core/users.py +++ b/ee/api/chalicelib/core/users.py @@ -183,7 +183,8 @@ def update(tenant_id, user_id, changes): (CASE WHEN users.role = 'owner' THEN TRUE ELSE FALSE END) AS super_admin, (CASE WHEN users.role = 'admin' THEN TRUE ELSE FALSE END) AS admin, (CASE WHEN users.role = 'member' THEN TRUE ELSE FALSE END) AS member, - users.appearance;""", + users.appearance, + users.role_id;""", {"tenant_id": tenant_id, "user_id": user_id, **changes}) ) @@ -257,7 +258,8 @@ def get(user_id, tenant_id): (CASE WHEN role = 'member' THEN TRUE ELSE FALSE END) AS member, appearance, api_key, - origin + origin, + role_id FROM public.users LEFT JOIN public.basic_authentication ON users.user_id=basic_authentication.user_id WHERE users.user_id = %(userId)s @@ -556,7 +558,7 @@ def get_by_invitation_token(token, pass_token=None): FROM public.users INNER JOIN public.basic_authentication USING(user_id) WHERE invitation_token = %(token)s {"AND change_pwd_token = %(pass_token)s" if pass_token else ""} LIMIT 1;""", - {"token": token, "pass_token": token}) + {"token": token, "pass_token": pass_token}) ) r = cur.fetchone() return helper.dict_to_camel_case(r)