Merge pull request #3759 from uselagoon/fix-last-accessed-check

fix: check if user has attributes before accessing attributes
uselagoon · Jul 3, 2024 · 42967be · 42967be
2 parents 0643fa0 + 811c5ba
commit 42967be
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 3 deletions.
diff --git a/services/api/src/apolloServer.js b/services/api/src/apolloServer.js
@@ -199,6 +199,7 @@ const apolloServer = new ApolloServer({
         currentUser = await User.User(modelClients).loadUserById(keycloakGrant.access_token.content.sub);
         // grab the users project ids and roles in the first request
         groupRoleProjectIds = await User.User(modelClients).getAllProjectsIdsForUser(currentUser.id, keycloakUsersGroups);
+        await User.User(modelClients).userLastAccessed(currentUser);
       }
 
       // do a permission check to see if the user is platform admin/owner, or has permission for `viewAll` on certain resources

diff --git a/services/api/src/models/user.ts b/services/api/src/models/user.ts
@@ -184,7 +184,7 @@ export const User = (clients: {
     for (const user of users) {
       // set the lastaccessed attribute
       let date = null;
-      if (user['attributes']['last_accessed']) {
+      if (user['attributes'] && user['attributes']['last_accessed']) {
         date = new Date(user['attributes']['last_accessed']*1000).toISOString()
       }
       usersWithGitlabIdFetch.push({

diff --git a/services/api/src/util/auth.ts b/services/api/src/util/auth.ts
@@ -187,8 +187,6 @@ export const keycloakHasPermission = (grant, requestCache, modelClients, service
       currentUser: [currentUser.id]
     };
 
-    await UserModel.userLastAccessed(currentUser);
-
     const usersAttribute = R.prop('users', attributes);
     if (usersAttribute && usersAttribute.length) {
       claims = {