chore: v1.2.3

fix: add guard
2025-11-10 20:42:34 +10:00 · 2023-12-02 14:56:00 +11:00 · 2023-12-02 14:55:26 +11:00
3 changed files with 10 additions and 2 deletions
--- a/apps/marketing/package.json
+++ b/apps/marketing/package.json
@ -1,6 +1,6 @@
 {
  "name": "@documenso/marketing",
-  "version": "1.2.2",
+  "version": "1.2.3",
  "private": true,
  "license": "AGPL-3.0",
  "scripts": {
--- a/apps/web/package.json
+++ b/apps/web/package.json
@ -1,6 +1,6 @@
 {
  "name": "@documenso/web",
-  "version": "1.2.2",
+  "version": "1.2.3",
  "private": true,
  "license": "AGPL-3.0",
  "scripts": {
--- a/apps/web/src/app/(dashboard)/admin/users/fetch-users.actions.ts
+++ b/apps/web/src/app/(dashboard)/admin/users/fetch-users.actions.ts
@ -1,8 +1,16 @@
 'use server';

+import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
+import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
 import { findUsers } from '@documenso/lib/server-only/user/get-all-users';

 export async function search(search: string, page: number, perPage: number) {
+  const { user } = await getRequiredServerComponentSession();
+
+  if (!isAdmin(user)) {
+    throw new Error('Unauthorized');
+  }
+
  const results = await findUsers({ username: search, email: search, page, perPage });

  return results;
Author	SHA1	Message	Date
Mythie	b903de983b	chore: v1.2.3	2023-12-02 14:56:00 +11:00
Mythie	6b519a67c2	fix: add guard	2023-12-02 14:55:26 +11:00