fix(auth): ensure roles are initialized for API keys before modification

elibosley · elibosley · commit 0fd11d0af1b1 · 2025-08-27T15:39:28.000-04:00
Added checks to initialize the roles array for API keys if it is undefined, preventing potential errors when adding or removing roles. This change enhances the robustness of the role management functionality in the AuthService.
diff --git a/api/src/unraid-api/auth/auth.service.ts b/api/src/unraid-api/auth/auth.service.ts
@@ -201,6 +201,9 @@ export class AuthService {
         }
 
         try {
+            if (!apiKey.roles) {
+                apiKey.roles = [];
+            }
             if (!apiKey.roles.includes(role)) {
                 apiKey.roles.push(role);
                 await this.apiKeyService.saveApiKey(apiKey);
@@ -225,6 +228,9 @@ export class AuthService {
         }
 
         try {
+            if (!apiKey.roles) {
+                apiKey.roles = [];
+            }
             apiKey.roles = apiKey.roles.filter((r) => r !== role);
             await this.apiKeyService.saveApiKey(apiKey);
             await this.authzService.deleteRoleForUser(apiKeyId, role);
