diff --git a/arSam/handlers/activity/GET/index.js b/arSam/handlers/activity/GET/index.js
index e491226..227636c 100644
--- a/arSam/handlers/activity/GET/index.js
+++ b/arSam/handlers/activity/GET/index.js
@@ -14,7 +14,9 @@ exports.handler = async (event, context) => {
 try {
 let permissionObject = event.requestContext.authorizer
- permissionObject.roles = JSON.parse(permissionObject.roles)
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false)
 if (!permissionObject.isAuthenticated) {
 logger.info("**NOT AUTHENTICATED, PUBLIC**");
diff --git a/arSam/handlers/activity/POST/index.js b/arSam/handlers/activity/POST/index.js
index 27c9da2..40b782d 100644
--- a/arSam/handlers/activity/POST/index.js
+++ b/arSam/handlers/activity/POST/index.js
@@ -37,7 +37,9 @@ async function main(event, context, lock = null) {
 const warnIfVariance = event.queryStringParameters?.hasOwnProperty('warn') || false;
 let permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 logger.info("**NOT AUTHENTICATED, PUBLIC**");
diff --git a/arSam/handlers/export-variance/GET/index.js b/arSam/handlers/export-variance/GET/index.js
index 440fea8..ce45e7c 100644
--- a/arSam/handlers/export-variance/GET/index.js
+++ b/arSam/handlers/export-variance/GET/index.js
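Review bot: `JSON.parse(permissionObject?.isAdmin || false)` accepts any JSON value, so the checks below it test truthiness rather than a boolean: a context value such as `1` or a quoted `"false"` parses to something truthy, and a non-JSON string makes the call throw. What the authorizer actually emits is not visible in this commit, so this may never occur in practice, but an explicit comparison fails closed without depending on that: `permissionObject.isAdmin = permissionObject.isAdmin === true || permissionObject.isAdmin === 'true';`, and the same for `isAuthenticated`. The identical lines appear in every other hunk of this commit, including the admin gates in fiscalYearEnd/POST and variance/GET. The handler body starts and ends outside the hunk.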
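Review bot: The `?.` added on the right-hand side does not make these lines null-safe: the statement still throws when `event.requestContext.authorizer` is undefined, and `JSON.parse(undefined)` throws when `roles` is absent because, unlike the two flags, it has no fallback. If a missing role list is meant to be treated as no roles, `permissionObject.roles = JSON.parse(permissionObject?.roles || '[]');` together with an explicit guard on `permissionObject` says so; otherwise drop the `?.` so the line does not suggest a protection it lacks. This applies to the `roles` line in all ten files. main's body continues outside the hunk.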
@@ -41,7 +41,9 @@ exports.handler = async (event, context) => {
 try {
 let permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 return sendResponse(403, { msg: "Error: Not authenticated" }, context);
diff --git a/arSam/handlers/export/GET/index.js b/arSam/handlers/export/GET/index.js
index b38c19d..ca7eec4 100644
--- a/arSam/handlers/export/GET/index.js
+++ b/arSam/handlers/export/GET/index.js
@@ -41,7 +41,9 @@ exports.handler = async (event, context) => {
 try {
 let permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 return sendResponse(403, { msg: "Error: UnAuthenticated." }, context);
diff --git a/arSam/handlers/fiscalYearEnd/POST/index.js b/arSam/handlers/fiscalYearEnd/POST/index.js
index 9d6d6ee..32077eb 100644
--- a/arSam/handlers/fiscalYearEnd/POST/index.js
+++ b/arSam/handlers/fiscalYearEnd/POST/index.js
@@ -37,8 +37,10 @@ async function handleLockUnlock(isLocked, event, context) {
 async function checkPermissions(event) {
- const permissionObject = event.requestContext.authorizer
- permissionObject.roles = JSON.parse(permissionObject.roles)
+ let permissionObject = event.requestContext.authorizer
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false)
 if (!permissionObject.isAdmin) {
 throw {
diff --git a/arSam/handlers/park/GET/index.js b/arSam/handlers/park/GET/index.js
index a960c51..42224fd 100644
--- a/arSam/handlers/park/GET/index.js
+++ b/arSam/handlers/park/GET/index.js
@@ -14,8 +14,10 @@ exports.handler = async (event, context) => {
 };
 try {
- const permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ let permissionObject = event.requestContext.authorizer;
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 logger.info("**NOT AUTHENTICATED, PUBLIC**");
diff --git a/arSam/handlers/park/POST/index.js b/arSam/handlers/park/POST/index.js
index c1bc697..1439133 100644
--- a/arSam/handlers/park/POST/index.js
+++ b/arSam/handlers/park/POST/index.js
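Review bot: In `checkPermissions` the three `JSON.parse` calls sit outside any `try` visible in this hunk, so a malformed authorizer value would surface as a parse exception rather than the object this function throws for a denied request. Whether the caller turns that into the same denial response cannot be seen from here; if it does not, wrapping the parsing so that any failure takes the `!permissionObject.isAdmin` path keeps the admin gate's failure mode uniform. `isAuthenticated` is parsed here but not read in the visible lines. The function body continues outside the hunk.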
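Review bot: `const` was changed to `let` here although `permissionObject` is never reassigned in the visible lines; only its properties are mutated, which `const` permits, so `const permissionObject = event.requestContext.authorizer;` can stay. The same switch is made in fiscalYearEnd/POST, park/POST, subArea/POST, variance/GET and variance/PUT. With the parsing now four lines repeated in ten handlers, a single shared helper that returns the normalised object would keep the authorization parsing in one place to review and test. The handler body continues outside the hunk.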
@@ -8,8 +8,10 @@ const { dynamoClient,
 exports.handler = async (event, context) => {
 logger.debug("Park POST:", event);
 try {
- const permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ let permissionObject = event.requestContext.authorizer;
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 logger.info("**NOT AUTHENTICATED, PUBLIC**");
diff --git a/arSam/handlers/subArea/POST/index.js b/arSam/handlers/subArea/POST/index.js
index d9f453e..4289483 100644
--- a/arSam/handlers/subArea/POST/index.js
+++ b/arSam/handlers/subArea/POST/index.js
@@ -20,8 +20,10 @@ const SSO_CLIENT_ID = process.env.SSO_CLIENT_ID || 'default-client';
 exports.handler = async (event, context) => {
 logger.debug('Subarea POST:', event);
 try {
- const permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ let permissionObject = event.requestContext.authorizer;
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 logger.info('**NOT AUTHENTICATED, PUBLIC**');
diff --git a/arSam/handlers/variance/GET/index.js b/arSam/handlers/variance/GET/index.js
index 67cdf11..fba2aed 100644
--- a/arSam/handlers/variance/GET/index.js
+++ b/arSam/handlers/variance/GET/index.js
@@ -10,8 +10,10 @@ exports.handler = async (event, context) => {
 }
 try {
- const permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ let permissionObject = event.requestContext.authorizer;
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 // Only admins see this route.
 if (permissionObject.isAdmin) {
diff --git a/arSam/handlers/variance/PUT/index.js b/arSam/handlers/variance/PUT/index.js
index 71137bd..3b17230 100644
--- a/arSam/handlers/variance/PUT/index.js
+++ b/arSam/handlers/variance/PUT/index.js
@@ -4,8 +4,10 @@ exports.handler = async (event, context) => {
 logger.debug("Variance PUT:", event);
 try {
- const permissionObject = event.requestContext.authorizer;
- permissionObject.roles = JSON.parse(permissionObject.roles);
+ let permissionObject = event.requestContext.authorizer;
+ permissionObject.roles = JSON.parse(permissionObject?.roles);
+ permissionObject.isAdmin = JSON.parse(permissionObject?.isAdmin || false);
+ permissionObject.isAuthenticated = JSON.parse(permissionObject?.isAuthenticated || false);
 if (!permissionObject.isAuthenticated) {
 logger.info("**NOT AUTHENTICATED, PUBLIC**");