From c7d530d2d450e9c6f2dd4a16be8286a7366d464a Mon Sep 17 00:00:00 2001
From: Taha Yassine Kraiem <tahayk2@gmail.com>
Date: Tue, 30 Nov 2021 15:27:13 +0100
Subject: [PATCH] feat(api): fixed EE signup auth

---
 ee/api/chalicelib/core/users.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py
index 5ba613875..452cfc303 100644
--- a/ee/api/chalicelib/core/users.py
+++ b/ee/api/chalicelib/core/users.py
@@ -619,11 +619,11 @@ def authenticate(email, password, for_change_password=False, for_plugin=False):
                     roles.name AS role_name,
                     roles.permissions
                 FROM public.users AS users INNER JOIN public.basic_authentication USING(user_id)
-                    LEFT JOIN public.roles USING (role_id)
+                    LEFT JOIN public.roles ON (roles.role_id = users.role_id AND roles.tenant_id = users.tenant_id)
                 WHERE users.email = %(email)s 
                     AND basic_authentication.password = crypt(%(password)s, basic_authentication.password)
                     AND basic_authentication.user_id = (SELECT su.user_id FROM public.users AS su WHERE su.email=%(email)s AND su.deleted_at IS NULL LIMIT 1)
-                    AND (roles.role_id IS NULL OR roles.deleted_at IS NULL AND roles.tenant_id = %(tenantId)s)
+                    AND (roles.role_id IS NULL OR roles.deleted_at IS NULL)
                 LIMIT 1;""",
             {"email": email, "password": password})