From cb33d7010767b77d0a06c6199495db5d3cb2da2c Mon Sep 17 00:00:00 2001
From: John Cardinal
Date: Mon, 18 Oct 2021 19:24:40 +0000
Subject: [PATCH]
---
 server/AyaNova/Controllers/UserController.cs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/server/AyaNova/Controllers/UserController.cs b/server/AyaNova/Controllers/UserController.cs
index 2cae9461..12a608ec 100644
--- a/server/AyaNova/Controllers/UserController.cs
+++ b/server/AyaNova/Controllers/UserController.cs
@@ -55,7 +55,7 @@ namespace AyaNova.Api.Controllers
 [HttpGet("{id}")]
 public async Task GetUser([FromRoute] long id)
 {
- if (!serverState.IsOpen)
+ if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 //Instantiate the business object handler
@@ -95,7 +95,7 @@ namespace AyaNova.Api.Controllers
 [HttpPut]
 public async Task PutUser([FromBody] User updatedObject)
 {
- if (!serverState.IsOpen)
+ if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 if (!ModelState.IsValid)
 return BadRequest(new ApiErrorResponse(ModelState));
@@ -198,7 +198,7 @@ namespace AyaNova.Api.Controllers
 [HttpDelete("{id}")]
 public async Task DeleteUser([FromRoute] long id)
 {
- if (!serverState.IsOpen)
+ if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 if (!ModelState.IsValid)
 return BadRequest(new ApiErrorResponse(ModelState));
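Review bot: The new gate in GetUser identifies the superuser by the literal `UserIdFromContext.Id(HttpContext.Items) != 1`, and the same clause is pasted into PutUser, DeleteUser, GetInsideUserList and GetInsideStatus, so the rule that lets one account through a closed server lives in five places with no name. I would put the id behind one named member, for example `private bool IsSuperUser => UserIdFromContext.Id(HttpContext.Items) == 1;` (name proposed here, not taken from the file), and test `!IsSuperUser` in each gate. How HttpContext.Items gets its user id is not visible in these hunks; the bypass is safe only if that id comes from a validated token and a request without one can never resolve to 1. The method bodies continue outside the hunks.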
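Review bot: In PutUser, and again in DeleteUser, the added clause lets account 1 modify and delete users while the server is closed, and nothing in the visible lines records that the closed-state gate was skipped. Since a closed server is the state in which other activity is blocked, a write by this account deserves an audit or log entry naming the caller, the action and `serverState.Reason`; I would add it on the bypass path before the ModelState check. Whether the business object handler further down already logs this cannot be seen from the hunk.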
@@ -225,7 +225,7 @@ namespace AyaNova.Api.Controllers
 [HttpGet("list")]
 public async Task GetInsideUserList()
 {
- if (!serverState.IsOpen)
+ if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.User))
@@ -350,7 +350,7 @@ namespace AyaNova.Api.Controllers
 public async Task GetInsideStatus(long id)
 {
 //This method is used by the Client UI to determine the correct edit form to show
- if (serverState.IsClosed)
+ if (serverState.IsClosed && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 if (!Authorized.HasSelectRole(HttpContext.Items, AyaType.User))
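Review bot: GetInsideStatus attaches the bypass to `serverState.IsClosed`, while the other four gates in this commit attach it to `!serverState.IsOpen`. If the server state has values that are neither open nor closed (not visible here), the superuser exception covers a different set of states in this method than in the rest of the controller. The difference in the base condition predates the commit, but it should be stated next to the new clause, e.g. `// gate is IsClosed here, not !IsOpen: the client UI needs this call in the other non-open states`, once the author confirms that is the intent.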