Added additional check for external token

AOT-Technologies · Jun 14, 2024 · 765eff1 · 765eff1
1 parent 5623b10
commit 765eff1
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/middleware/filterBundleSubmissionData.js b/src/middleware/filterBundleSubmissionData.js
@@ -16,7 +16,9 @@ module.exports = function (router) {
       !res.resource ||
       !res.resource.item ||
       !req.isBundle ||
-      (req.isBundle && req.isAdmin)
+      (req.isBundle && req.isAdmin && !req.token?.external) 
+      /* Added an external check because in non-multi-tenant cases, 
+      the designer token has admin permissions, making the token external.*/
     ) {
       return next();
     }