From b6c6dba72188f15099f8e6b0b8d0c05b90fd8f3e Mon Sep 17 00:00:00 2001
From: Andrew Kingston <aptkingston@ssl-mail.com>
Date: Wed, 7 Jul 2021 11:28:35 +0100
Subject: [PATCH] Don't attempt to enrich a user object whenever the role is
 PUBLIC to avoid 403s

---
 packages/client/src/api/auth.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/packages/client/src/api/auth.js b/packages/client/src/api/auth.js
index 426d4f08d0..6ea105d9f9 100644
--- a/packages/client/src/api/auth.js
+++ b/packages/client/src/api/auth.js
@@ -24,7 +24,12 @@ export const logIn = async ({ email, password }) => {
 export const fetchSelf = async () => {
   const user = await API.get({ url: "/api/self" })
   if (user?._id) {
-    return (await enrichRows([user], TableNames.USERS))[0]
+    if (user.roleId === "PUBLIC") {
+      // Don't try to enrich a public user as it will 403
+      return user
+    } else {
+      return (await enrichRows([user], TableNames.USERS))[0]
+    }
   } else {
     return null
   }