From 38154f72e0e947fd8544976b6603fbfc87c2eeb5 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens@goauthentik.io>
Date: Thu, 22 Aug 2024 17:38:52 +0200
Subject: [PATCH] rbac: check user type correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/rbac/filters.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authentik/rbac/filters.py b/authentik/rbac/filters.py
index 1b083fd75d1e..8cc79ca3d962 100644
--- a/authentik/rbac/filters.py
+++ b/authentik/rbac/filters.py
@@ -25,7 +25,7 @@ def filter_queryset(self, request: Request, queryset: QuerySet, view) -> QuerySe
         # Outposts (which are the only objects using internal service accounts)
         # except requests to return an empty list when they have no objects
         # assigned
-        if request.user.type == UserTypes.INTERNAL_SERVICE_ACCOUNT:
+        if getattr(request.user, "type", UserTypes.INTERNAL) == UserTypes.INTERNAL_SERVICE_ACCOUNT:
             return queryset
         if not queryset.exists():
             # User doesn't have direct permission to all objects