From ae99e87ed65508d7a51ed88644ca891244530115 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Tue, 14 Jan 2025 19:40:53 -0600
Subject: [PATCH] Website: update has-query-generator-access policy (#25442)

Changes:
- Updated the website's has-query-generator-access policy to allow super
admins to access the query generator page.
---
 website/api/policies/has-query-generator-access.js | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/website/api/policies/has-query-generator-access.js b/website/api/policies/has-query-generator-access.js
index 572db7db1d..27a84576be 100644
--- a/website/api/policies/has-query-generator-access.js
+++ b/website/api/policies/has-query-generator-access.js
@@ -23,12 +23,12 @@ module.exports = async function (req, res, proceed) {
     }
   }//•
 
-  // Check if this user can access the query generator.
-  if (!req.me.canUseQueryGenerator) {
-    return res.forbidden();
-  // Then check that this user is a "super admin".
-  } else if (!req.me.canUseQueryGenerator && !req.me.isSuperAdmin) {
-    return res.forbidden();
+  // Check that this user is a "super admin".
+  if(!req.me.isSuperAdmin) {
+    // Then check if this user can access the query generator.
+    if (!req.me.canUseQueryGenerator) {
+      return res.forbidden();
+    }
   }
 
   // IWMIH, this user can access the query generator.