From e57012beb5b6cbe675862c7e18f1038d0674f463 Mon Sep 17 00:00:00 2001
From: Shashank Kulkarni <44693969+KulkarniShashank@users.noreply.github.com>
Date: Wed, 17 Jul 2024 18:40:33 +0530
Subject: [PATCH] fix: add validation in the user role guard (#854)

* fix: add validation in the user role guard

Signed-off-by: KulkarniShashank <shashank.kulkarni@ayanworks.com>

* fix: modify validation in the user role guard

Signed-off-by: KulkarniShashank <shashank.kulkarni@ayanworks.com>

* fix: modify validation and error message changes in the user role guard

Signed-off-by: KulkarniShashank <shashank.kulkarni@ayanworks.com>

---------

Signed-off-by: KulkarniShashank <shashank.kulkarni@ayanworks.com>
---
 apps/api-gateway/src/authz/guards/user-role.guard.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/apps/api-gateway/src/authz/guards/user-role.guard.ts b/apps/api-gateway/src/authz/guards/user-role.guard.ts
index 778094571..3c3dc4d7a 100644
--- a/apps/api-gateway/src/authz/guards/user-role.guard.ts
+++ b/apps/api-gateway/src/authz/guards/user-role.guard.ts
@@ -8,8 +8,12 @@ export class UserRoleGuard implements CanActivate {
 
     const { user } = request;
 
-    if (user?.userRole && user?.userRole.includes('holder')) {
-      throw new ForbiddenException('This role is a holder.');
+    if (!user?.userRole) {
+      throw new ForbiddenException('This role is not a holder.');
+    }
+    
+    if (!user?.userRole.includes('holder')) {
+      throw new ForbiddenException('This role is not a holder.');
     }
 
     return true;