Fix team membership delete
This commit is contained in:
parent
86f209800a
commit
66f518b531
1 changed files with 8 additions and 0 deletions
|
@ -831,6 +831,14 @@ App::delete('/v1/teams/:teamId/memberships/:membershipId')
|
|||
throw new Exception('Team not found', 404, Exception::TEAM_NOT_FOUND);
|
||||
}
|
||||
|
||||
/**
|
||||
* Force document security
|
||||
*/
|
||||
$validator = new Authorization('delete');
|
||||
if (!$validator->isValid($membership->getDelete())) {
|
||||
throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
try {
|
||||
$dbForProject->deleteDocument('memberships', $membership->getId());
|
||||
} catch (AuthorizationException $exception) {
|
||||
|
|
Loading…
Reference in a new issue