Fixed roles param input validation
This commit is contained in:
parent
e887edf2dc
commit
7309cefd60
|
@ -18,6 +18,7 @@ use Appwrite\Database\Document;
|
|||
use Appwrite\Database\Validator\UID;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
use Appwrite\Database\Exception\Duplicate;
|
||||
use Appwrite\Database\Validator\Key;
|
||||
use Appwrite\Template\Template;
|
||||
|
||||
$utopia->post('/v1/teams')
|
||||
|
@ -29,7 +30,7 @@ $utopia->post('/v1/teams')
|
|||
->label('sdk.method', 'create')
|
||||
->label('sdk.description', '/docs/references/teams/create-team.md')
|
||||
->param('name', null, function () { return new Text(100); }, 'Team name.')
|
||||
->param('roles', ['owner'], function () { return new ArrayList(new Text(128)); }, 'Array of strings. Use this param to set the roles in the team for the user who created it. The default role is **owner**. A role can be any string. Learn more about [roles and permissions](/docs/permissions).', true)
|
||||
->param('roles', ['owner'], function () { return new ArrayList(new Key()); }, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](/docs/permissions). Max length for each role is 32 chars.')
|
||||
->action(
|
||||
function ($name, $roles) use ($response, $projectDB, $user, $mode) {
|
||||
Authorization::disable();
|
||||
|
@ -216,7 +217,7 @@ $utopia->post('/v1/teams/:teamId/memberships')
|
|||
->param('teamId', '', function () { return new UID(); }, 'Team unique ID.')
|
||||
->param('email', '', function () { return new Email(); }, 'New team member email.')
|
||||
->param('name', '', function () { return new Text(100); }, 'New team member name.', true)
|
||||
->param('roles', [], function () { return new ArrayList(new Text(128)); }, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](/docs/permissions).')
|
||||
->param('roles', [], function () { return new ArrayList(new Key()); }, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](/docs/permissions). Max length for each role is 32 chars.')
|
||||
->param('url', '', function () use ($clients) { return new Host($clients); }, 'URL to redirect the user back to your app from the invitation email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.') // TODO add our own built-in confirm page
|
||||
->action(
|
||||
function ($teamId, $email, $name, $roles, $url) use ($response, $mail, $project, $user, $audit, $projectDB, &$mode) {
|
||||
|
|
Loading…
Reference in a new issue