From cc737ca7d3255ca6a6e16466fe7f058e67375cfc Mon Sep 17 00:00:00 2001
From: greysoh <me@greysoh.dev>
Date: Sun, 21 Apr 2024 16:10:56 -0400
Subject: [PATCH] feature: Changes root tokens to use a special field.

This makes it not have to look through the entire database to figure out your user.
---
 src/libs/permissions.ts   | 6 +++++-
 src/routes/user/create.ts | 4 +++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/libs/permissions.ts b/src/libs/permissions.ts
index e14dbb5..02342d9 100644
--- a/src/libs/permissions.ts
+++ b/src/libs/permissions.ts
@@ -69,7 +69,11 @@ export async function hasPermissionByToken(permissionList: string[], token: stri
   // Fine, we'll look up for global tokens...
   // FIXME: Could this be more efficient? IDs are sequential in SQL I think
   if (userID == -1) {
-    const allUsers = await prisma.user.findMany();
+    const allUsers = await prisma.user.findMany({
+      where: {
+        isRootServiceAccount: true
+      }
+    });
   
     for (const user of allUsers) {
       if (user.rootToken == token) userID = user.id;
diff --git a/src/routes/user/create.ts b/src/routes/user/create.ts
index 6f80e80..221c254 100644
--- a/src/routes/user/create.ts
+++ b/src/routes/user/create.ts
@@ -76,7 +76,9 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
 
     if (options.allowUnsafeGlobalTokens) {
       // @ts-ignore
-      userData.rootToken = generateToken() as unknown as null;
+      userData.rootToken = generateToken();
+      // @ts-ignore
+      userData.isRootServiceAccount = true;
     }
 
     const userCreateResults = await prisma.user.create({