CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-05-20 20:52:36 +12:00
Code Issues Projects Releases Wiki Activity

Fixed membership creation from server

Browse source
This commit is contained in:
Eldad Fux 2020-07-09 13:53:46 +03:00
parent 5c794dd22b
commit 7010cc361d
3 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/app.php
View file

@ -50,7 +50,7 @@ $clients = \array_unique(\array_merge($clientsConsole, \array_map(function ($nod
return false;
}))));
$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $console, $webhook, $mail, $audit, $usage, $clients, &$mode) {
$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $console, $webhook, $mail, $audit, $usage, $clients) {
$route = $utopia->match($request);
@ -160,7 +160,7 @@ $utopia->init(function () use ($utopia, $request, $response, &$user, $project, $
$role = Auth::USER_ROLE_APP;
$scopes = \array_merge($roles[$role]['scopes'], $key->getAttribute('scopes', []));
$mode = APP_MODE_SERVER;
Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys.
}

4
app/controllers/api/teams.php
View file

@ -51,7 +51,7 @@ $utopia->post('/v1/teams')
throw new Exception('Failed saving team to DB', 500);
}
if ($mode !== APP_MODE_ADMIN && $user->getId()) { // Don't add user on server mode
if ($mode !== APP_MODE_ADMIN && $user->getId()) { // Don't add user on app/server mode
$membership = new Document([
'$collection' => Database::SYSTEM_COLLECTION_MEMBERSHIPS,
'$permissions' => [
@ -288,7 +288,7 @@ $utopia->post('/v1/teams/:teamId/memberships')
}
}
if (!$isOwner && (APP_MODE_ADMIN !== $mode) && (APP_MODE_SERVER !== $mode)) {
if (!$isOwner && (APP_MODE_ADMIN !== $mode) && $user->getId()) { // Not owner, not admin, not app (server)
throw new Exception('User is not allowed to send invitations for this team', 401);
}

1
app/init.php
View file

@ -31,7 +31,6 @@ const APP_EMAIL_TEAM = 'team@localhost.test'; // Default email address
const APP_EMAIL_SECURITY = 'security@localhost.test'; // Default security email address
const APP_USERAGENT = APP_NAME.'-Server v%s. Please report abuse at %s';
const APP_MODE_ADMIN = 'admin';
const APP_MODE_SERVER = 'server';
const APP_PAGING_LIMIT = 15;
const APP_CACHE_BUSTER = 125;
const APP_VERSION_STABLE = '0.6.2';