fix: add Limiting judgement of get admin token

2025-12-03 02:42:19 +08:00 · 2024-02-04 16:06:20 +08:00 · 2024-02-04 16:06:20 +08:00 · 43308f8286
commit 43308f8286
parent bcd625045a
1 changed files with 5 additions and 0 deletions
--- a/internal/rpc/auth/auth.go
+++ b/internal/rpc/auth/auth.go
@ -85,6 +85,11 @@ func (s *authServer) GetUserToken(ctx context.Context, req *pbauth.GetUserTokenR
 		return nil, err
 	}
 	resp := pbauth.GetUserTokenResp{}
+
+	if authverify.IsManagerUserID(req.UserID) {
+		return nil, errs.ErrNoPermission.Wrap("don't get Admin token")
+	}
+
 	if _, err := s.userRpcClient.GetUserInfo(ctx, req.UserID); err != nil {
 		return nil, err
 	}