From 6bf03d0aa3d5a8d457b811700a2252fec816b85d Mon Sep 17 00:00:00 2001
From: Blake Niemyjski
Date: Sat, 2 Nov 2024 11:12:32 -0500
Subject: [PATCH] Fixed a bug with current user access checks
---
 src/Exceptionless.Web/Controllers/AuthController.cs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Exceptionless.Web/Controllers/AuthController.cs b/src/Exceptionless.Web/Controllers/AuthController.cs
index 27d2c7d0f..8948ad67e 100644
--- a/src/Exceptionless.Web/Controllers/AuthController.cs
+++ b/src/Exceptionless.Web/Controllers/AuthController.cs
@@ -477,7 +477,7 @@ public async Task IsEmailAddressAvailableAsync(string email)
 return StatusCode(StatusCodes.Status204NoContent);
 email = email.Trim().ToLowerInvariant();
- if (String.Equals(CurrentUser.EmailAddress, email, StringComparison.InvariantCultureIgnoreCase))
+ if (User.IsUserAuthType() && String.Equals(CurrentUser.EmailAddress, email, StringComparison.InvariantCultureIgnoreCase))
 return StatusCode(StatusCodes.Status201Created);
 // Only allow 3 checks attempts per hour period by a single ip.
@@ -631,7 +631,7 @@ private async Task AddGlobalAdminRoleIfFirstUserAsync(User user)
 private async Task> ExternalLoginAsync(ExternalAuthInfo authInfo, string? appId, string? appSecret, Func createClient) where TClient : OAuth2Client
 {
- using var _ = _logger.BeginScope(new ExceptionlessState().Tag("External Login").Identity(CurrentUser.EmailAddress).Property("User", CurrentUser).SetHttpContext(HttpContext));
+ using var _ = _logger.BeginScope(new ExceptionlessState().Tag("External Login").SetHttpContext(HttpContext));
 if (String.IsNullOrEmpty(appId) || String.IsNullOrEmpty(appSecret))
 throw new ConfigurationErrorsException("Missing Configuration for OAuth provider");
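Review bot: The own-address check on the added line in IsEmailAddressAvailableAsync still compares with `StringComparison.InvariantCultureIgnoreCase`, a linguistic comparison that can treat strings differing only in ignorable or canonically equivalent code points as equal. For an identifier such as an e-mail address, `StringComparison.OrdinalIgnoreCase` is the safer choice. The new `User.IsUserAuthType()` guard would also be worth pinning with a test that calls this action without an authenticated user, since that is presumably the path that failed before. The function body starts and ends outside the hunk.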
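Review bot: Dropping `.Identity(CurrentUser.EmailAddress)` unconditionally in ExternalLoginAsync means log events from this flow no longer carry the caller's identity even when a signed-in user is linking a provider, which weakens the audit trail for account linking. The same applies to the scope in FromExternalLoginAsync, where the `if (User.IsUserAuthType())` branch just below the changed line shows that the signed-in case exists. Consider building the state first and adding the identity only under the guard, e.g. `if (User.IsUserAuthType()) state.Identity(CurrentUser.EmailAddress);` before `_logger.BeginScope(state)`, assuming the fluent calls on ExceptionlessState mutate the instance. The function body continues past the hunk.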
@@ -679,7 +679,7 @@ private async Task> ExternalLoginAsync(Extern
 private async Task FromExternalLoginAsync(UserInfo userInfo)
 {
 var existingUser = await _userRepository.GetUserByOAuthProviderAsync(userInfo.ProviderName, userInfo.Id);
- using var _ = _logger.BeginScope(new ExceptionlessState().Tag("External Login").Identity(CurrentUser.EmailAddress).Property("User Info", userInfo).Property("User", CurrentUser).Property("ExistingUser", existingUser).SetHttpContext(HttpContext));
+ using var _ = _logger.BeginScope(new ExceptionlessState().Tag("External Login").Property("User Info", userInfo).Property("ExistingUser", existingUser).SetHttpContext(HttpContext));
 // Link user accounts.
 if (User.IsUserAuthType())
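Review bot: The scope on the added line still attaches whole objects, `Property("User Info", userInfo)` and `Property("ExistingUser", existingUser)`, to every log event raised in FromExternalLoginAsync. If the user entity carries fields such as password hashes, verification tokens or linked OAuth accounts (its definition is not visible here), those values end up in the log store. Logging identifiers only keeps the correlation without the sensitive payload, for example `.Property("ExistingUserId", existingUser?.Id)` (assuming the entity exposes an `Id`) together with `userInfo.ProviderName` and `userInfo.Id`. The function body continues past the hunk.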