fix: executions permission validation
This commit is contained in:
parent
77fdd1ab35
commit
4eb298e4e0
2 changed files with 5 additions and 4 deletions
|
@ -802,7 +802,7 @@ App::get('/v1/functions/:functionId/executions')
|
|||
/** @var Appwrite\Utopia\Response $response */
|
||||
/** @var Appwrite\Database\Database $projectDB */
|
||||
|
||||
$function = $projectDB->getDocument($functionId);
|
||||
$function = $projectDB->getDocument($functionId, true, true, 'execute');
|
||||
|
||||
if (empty($function->getId()) || Database::SYSTEM_COLLECTION_FUNCTIONS != $function->getCollection()) {
|
||||
throw new Exception('Function not found', 404);
|
||||
|
@ -844,7 +844,7 @@ App::get('/v1/functions/:functionId/executions/:executionId')
|
|||
/** @var Appwrite\Utopia\Response $response */
|
||||
/** @var Appwrite\Database\Database $projectDB */
|
||||
|
||||
$function = $projectDB->getDocument($functionId);
|
||||
$function = $projectDB->getDocument($functionId, true, true, 'execute');
|
||||
|
||||
if (empty($function->getId()) || Database::SYSTEM_COLLECTION_FUNCTIONS != $function->getCollection()) {
|
||||
throw new Exception('Function not found', 404);
|
||||
|
|
|
@ -196,17 +196,18 @@ class Database
|
|||
* @param string $id
|
||||
* @param bool $mock is mocked data allowed?
|
||||
* @param bool $decode enable decoding?
|
||||
* @param string $permission permissions to read
|
||||
*
|
||||
* @return Document
|
||||
*/
|
||||
public function getDocument($id, bool $mock = true, bool $decode = true)
|
||||
public function getDocument($id, bool $mock = true, bool $decode = true, string $permission = 'read')
|
||||
{
|
||||
if (\is_null($id)) {
|
||||
return new Document();
|
||||
}
|
||||
|
||||
$document = new Document((isset($this->mocks[$id]) && $mock) ? $this->mocks[$id] : $this->adapter->getDocument($id));
|
||||
$validator = new Authorization($document, 'read');
|
||||
$validator = new Authorization($document, $permission);
|
||||
|
||||
if (!$validator->isValid($document->getPermissions())) { // Check if user has read access to this document
|
||||
return new Document();
|
||||
|
|
Loading…
Reference in a new issue