From 468ceb6b71456a97870d7d94066c64190f0ab7ac Mon Sep 17 00:00:00 2001
From: Yang Luo <hsluoyz@qq.com>
Date: Fri, 15 Dec 2023 21:30:38 +0800
Subject: [PATCH] Fix get-all-objects API 403 issue

---
 authz/authz.go | 3 +++
 object/role.go | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/authz/authz.go b/authz/authz.go
index 2f3e72c1..878ca20a 100644
--- a/authz/authz.go
+++ b/authz/authz.go
@@ -92,6 +92,9 @@ p, *, *, GET, /api/get-plan, *, *
 p, *, *, GET, /api/get-subscription, *, *
 p, *, *, GET, /api/get-provider, *, *
 p, *, *, GET, /api/get-organization-names, *, *
+p, *, *, GET, /api/get-all-objects, *, *
+p, *, *, GET, /api/get-all-actions, *, *
+p, *, *, GET, /api/get-all-roles, *, *
 `
 
 		sa := stringadapter.NewAdapter(ruleText)
diff --git a/object/role.go b/object/role.go
index 4cf981ef..c75ba37f 100644
--- a/object/role.go
+++ b/object/role.go
@@ -271,6 +271,9 @@ func getRolesByUserInternal(userId string) ([]*Role, error) {
 	if err != nil {
 		return roles, err
 	}
+	if user == nil {
+		return nil, fmt.Errorf("The user: %s doesn't exist", userId)
+	}
 
 	query := ormer.Engine.Alias("r").Where("r.users like ?", fmt.Sprintf("%%%s%%", userId))
 	for _, group := range user.Groups {