From 43308f82866aeec73fa38935625c8c7da52c1a12 Mon Sep 17 00:00:00 2001
From: luhaoling <2198702716@qq.com>
Date: Sun, 4 Feb 2024 16:06:20 +0800
Subject: [PATCH] fix: add Limiting judgement of get admin token

---
 internal/rpc/auth/auth.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/rpc/auth/auth.go b/internal/rpc/auth/auth.go
index 659f44f1b..eaf63f868 100644
--- a/internal/rpc/auth/auth.go
+++ b/internal/rpc/auth/auth.go
@@ -85,6 +85,11 @@ func (s *authServer) GetUserToken(ctx context.Context, req *pbauth.GetUserTokenR
 		return nil, err
 	}
 	resp := pbauth.GetUserTokenResp{}
+
+	if authverify.IsManagerUserID(req.UserID) {
+		return nil, errs.ErrNoPermission.Wrap("don't get Admin token")
+	}
+
 	if _, err := s.userRpcClient.GetUserInfo(ctx, req.UserID); err != nil {
 		return nil, err
 	}