bug-fix-github_auth (#2504)

Author: Suvidh-kaushik

controllers/auth.js

@@ -188,7 +188,8 @@ const githubAuthCallback = (req, res, next) => {
       }
 
       const userDataFromDB = await users.fetchUser({ email: userData.email });
-      if (userDataFromDB.userExists && userDataFromDB.user?.role !== ROLES.DEVELOPER) {
+      const userRole = userDataFromDB.user?.role;
+      if (userDataFromDB.userExists && userRole && userRole !== ROLES.DEVELOPER) {
         return res.status(403).json({
           message: "Github Login is restricted for non-developers,please use Google Login",
         });

controllers/users.js

@@ -500,6 +500,9 @@ const updateSelf = async (req, res, next) => {
         }
         await userQuery.setIncompleteUserDetails(userId);
       }
+      if (role) {
+        return res.boom.forbidden("You are not authorized to perform this operation");
+      }
     }
 
     if (req.body.disabledRoles) {