From 790c1fb34a6a8cba2d9be3084a3d05db6504a53d Mon Sep 17 00:00:00 2001
From: Nicholas Wallace <nicholaslwallace@gmail.com>
Date: Mon, 2 Sep 2024 10:28:03 -0700
Subject: [PATCH] Allow update of default permission keys missing for user

---
 server/controllers/UserController.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/server/controllers/UserController.js b/server/controllers/UserController.js
index d1b93695..6ef698e9 100644
--- a/server/controllers/UserController.js
+++ b/server/controllers/UserController.js
@@ -270,8 +270,10 @@ class UserController {
       const permissions = {
         ...user.permissions
       }
+      const defaultPermissions = Database.userModel.getDefaultPermissionsForUserType(updatePayload.type || 'user')
       for (const key in updatePayload.permissions) {
-        if (permissions[key] !== undefined) {
+        // Check that the key is a valid permission key or is included in the default permissions
+        if (permissions[key] !== undefined || defaultPermissions[key] !== undefined) {
           if (typeof updatePayload.permissions[key] !== 'boolean') {
             Logger.warn(`[UserController] update: Invalid permission value for key ${key}. Should be boolean`)
           } else if (permissions[key] !== updatePayload.permissions[key]) {