diff --git a/src/utils/auth.js b/src/utils/auth.js index 22be07e..275a43d 100644 --- a/src/utils/auth.js +++ b/src/utils/auth.js @@ -75,5 +75,5 @@ export async function isAuthorized(env, org, user) { }, []); if (!admins) return true; - return admins.some((admin) => admin === user.email); + return admins.some((admin) => admin.toLowerCase() === user.email.toLowerCase()); } diff --git a/test/utils/auth.test.js b/test/utils/auth.test.js index 7579fec..9f9a9cc 100644 --- a/test/utils/auth.test.js +++ b/test/utils/auth.test.js @@ -48,6 +48,11 @@ describe('Dark Alley auth', () => { assert.strictEqual(authed, true); }); + it('authorized if org and user match - case insensitive', async () => { + const authed = await isAuthorized(env, 'geometrixx', { email: 'ApaRkeR@geometrixx.info' }); + assert.strictEqual(authed, true); + }); + it('not authorized no user match', async () => { const authed = await isAuthorized(env, 'geometrixx', { email: 'chad@geometrixx.info' }); assert.strictEqual(authed, false); diff --git a/test/utils/mocks/env.js b/test/utils/mocks/env.js index 781586d..ad026e2 100644 --- a/test/utils/mocks/env.js +++ b/test/utils/mocks/env.js @@ -12,10 +12,10 @@ const DA_CONFIG = { "limit": 1, "offset": 0, "data": [ - { - "key": "admin.role.all", - "value": "aparker@geometrixx.info" - } + { + "key": "admin.role.all", + "value": "aPaRKer@Geometrixx.Info" + } ], ":type": "sheet" }