fix 🐛: type fix and role assertion

src/external-jwt/get-accountability-for-token.ts

@@ -1,4 +1,4 @@
-import type { Accountability } from "@directus/types";
+import type { Accountability, Policy, User } from "@directus/types";
 import { getAuthProviders } from "./authProvider/get-auth-providers.js";
 
 import { verify_token } from "./verify-token.js";
@@ -27,7 +27,7 @@ const getUser = async (
   database: Knex,
   externalIdentifier: string | undefined,
   provider: string
-) => {
+): Promise<User & Policy> => {
   return database
     .select(
       "directus_users.id",
@@ -49,7 +49,7 @@ const getUser = async (
     .first();
 };
 
-const insertUser = async (database: Knex, user: Record<string, string | undefined>): Promise<unknown> => {
+const insertUser = async (database: Knex, user: Record<string, string | undefined>) => {
   await database("directus_users").insert(user);
   return getUser(database, user.external_identifier, user.provider!);
 };
@@ -128,12 +128,12 @@ export async function getAccountabilityForToken(
         }
 
         if (user) {
+          const userRoleId = user.role?.id || user.role as unknown as string;
           accountability.user = user.id;
-          accountability.role = user.role;
+          accountability.role = userRoleId;
-          accountability.roles = [user.role];
+          accountability.roles = [userRoleId];
-          accountability.admin =
+          accountability.admin = user.admin_access;
-            user.admin_access === true || user.admin_access == 1;
+          accountability.app = user.app_access;
-          accountability.app = user.app_access === true || user.app_access == 1;
 
           if (CacheEnabled() && result.sub) {
             await CacheSet(result.sub, accountability);