Allow admins to update all models

gchq · Jan 7, 2025 · 1b8d7ab · 1b8d7ab
1 parent ad5036c
commit 1b8d7ab
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/backend/src/connectors/authorisation/base.ts b/backend/src/connectors/authorisation/base.ts
@@ -111,7 +111,11 @@ export class BasicAuthorisationConnector {
           return { id: model.id, success: false, info: 'You do not have permission to update a model card.' }
         }
 
-        if (ModelAction.Update === action && (await missingRequiredRole(user, model, ['owner', 'mtr', 'msro']))) {
+        if (
+          ModelAction.Update === action &&
+          (await missingRequiredRole(user, model, ['owner', 'mtr', 'msro'])) &&
+          !(await authentication.hasRole(user, Roles.Admin))
+        ) {
           return { id: model.id, success: false, info: 'You do not have permission to update a model.' }
         }