CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-10-03 19:53:33 +13:00
Code Issues Projects Releases Wiki Activity

fix: remove unnecessary owner check

Browse source
This commit is contained in:
Torsten Dittmann 2023-03-15 11:55:21 +01:00
parent bfdb7830d0
commit 08d588aeb1
1 changed files with 0 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
app/controllers/api/teams.php
View file

@ -300,15 +300,6 @@ App::put('/v1/teams/:teamId/prefs')
throw new Exception(Exception::TEAM_NOT_FOUND);
}
$roles = Authorization::getRoles();
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles);
$isOwner = Authorization::isRole("team:{$team->getId()}/owner");
if (!$isOwner && !$isPrivilegedUser && !$isAppUser) {
throw new Exception(Exception::USER_UNAUTHORIZED, 'User is not allowed to update preferences for this team');
}
$team = $dbForProject->updateDocument('teams', $team->getId(), $team->setAttribute('prefs', $prefs));
$events->setParam('teamId', $team->getId());