fix(acl): getting role for user in auth class
parent
eaa3644f0f
commit
80c4e378b3
4 changed files with 8 additions and 10 deletions
|
@ -234,14 +234,13 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
]);
|
||||
|
||||
$role = Auth::USER_ROLE_APP;
|
||||
$scopes = \array_merge($roles[$role]['scopes'], $key->getAttribute('scopes', []));
|
||||
$scopes = \array_merge($roles[Auth::USER_ROLE_APP]['scopes'], $key->getAttribute('scopes', []));
|
||||
|
||||
Authorization::setRole('role:'.Auth::USER_ROLE_APP);
|
||||
Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys.
|
||||
}
|
||||
}
|
||||
|
||||
Authorization::setRole('role:'.$role);
|
||||
|
||||
foreach (Auth::getRoles($user) as $role) {
|
||||
Authorization::setRole($role);
|
||||
}
|
||||
|
|
|
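Review bot: The loop `foreach (Auth::getRoles($user) as $role)` still runs after the API-key branch has set `role:app`, and with this commit's change to `Auth::getRoles()` a user document without an ID now yields `role:guest`, so a key request whose `$user` has no ID (its construction is outside this hunk) would hold both roles. While `Authorization::setDefaultStatus(false)` is in effect that is probably harmless, but the intent deserves a comment on the loop, e.g. `// API keys keep role:app; getRoles() adds the guest/member base role and any team roles`. The loop also reuses `$role` as its variable, and the change appears to drop the `$role = Auth::USER_ROLE_APP;` assignment, so any later read of `$role` (not visible here) no longer sees the app role and instead gets the last string from the loop; `foreach (Auth::getRoles($user) as $authRole)` would avoid the clobbering. The enclosing `App::init` callback starts and ends outside the hunk.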
@ -261,10 +261,7 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server,
|
|||
throw new Exception($originValidator->getDescription(), 1008);
|
||||
}
|
||||
|
||||
$roles = [
|
||||
'role:' . (($user->isEmpty()) ? Auth::USER_ROLE_GUEST : Auth::USER_ROLE_MEMBER),
|
||||
...Auth::getRoles($user)
|
||||
];
|
||||
$roles = Auth::getRoles($user);
|
||||
|
||||
$channels = Realtime::convertChannels($request->getQuery('channels', []), $user);
|
||||
|
||||
|
|
|
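Review bot: The guest/member decision for a realtime connection moves from `$user->isEmpty()` to the `if ($user->getId())` truthiness test inside `Auth::getRoles()` (the `class Auth` hunk), and nothing on this page shows that the two predicates are equivalent. If `isEmpty()` is not defined purely in terms of the ID, or if an ID can be a value PHP treats as falsy such as `'0'`, a connection could be assigned a different base role than before. It would help to confirm the equivalence and to put a short comment above `$roles = Auth::getRoles($user);`, e.g. `// base role (role:guest / role:member) is supplied by Auth::getRoles()`. The `onOpen` callback continues outside the hunk.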
@ -282,8 +282,9 @@ class Auth
|
|||
{
|
||||
if ($user->getId()) {
|
||||
$roles[] = 'user:'.$user->getId();
|
||||
$roles[] = 'role:'.Auth::USER_ROLE_MEMBER;
|
||||
} else {
|
||||
return [];
|
||||
return ['role:'.Auth::USER_ROLE_GUEST];
|
||||
}
|
||||
|
||||
foreach ($user->getAttribute('memberships', []) as $node) {
|
||||
|
|
|
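Review bot: `getRoles()` now always returns a base role (`role:member` for a user with an ID, `role:guest` alone otherwise), and the other two source hunks in this commit rely on that for authorization, but nothing in the visible method states it. The docblock above the method (outside this hunk) should say so, for instance `Returns the user's roles; always includes exactly one of role:guest or role:member.`, so that callers stop prepending their own base role. It is also worth noting there that the guest branch returns early and therefore ignores any `memberships` attribute on a document without an ID. The method's signature and the rest of its body are outside the hunk.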
@ -204,8 +204,8 @@ class AuthTest extends TestCase
|
|||
]);
|
||||
|
||||
$roles = Auth::getRoles($user);
|
||||
$this->assertCount(0, $roles);
|
||||
$this->assertEmpty($roles);
|
||||
$this->assertCount(1, $roles);
|
||||
$this->assertContains('role:guest', $roles);
|
||||
}
|
||||
|
||||
public function testUserRoles()
|
||||
|
@ -232,6 +232,7 @@ class AuthTest extends TestCase
|
|||
$roles = Auth::getRoles($user);
|
||||
|
||||
$this->assertCount(6, $roles);
|
||||
$this->assertContains('role:member', $roles);
|
||||
$this->assertContains('user:123', $roles);
|
||||
$this->assertContains('team:abc', $roles);
|
||||
$this->assertContains('team:abc/administrator', $roles);
|
||||
|
|
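Review bot: In the second hunk of this test file `assertCount(6, $roles)` appears to stay as it was while `assertContains('role:member', $roles)` is added (the header `-232,6 +232,7` leaves room for only one added line), yet `Auth::getRoles()` now appends `role:member` for every user with an ID, which should raise the count by one. Unless the fixture outside the hunk changed as well, the expected count should become `$this->assertCount(7, $roles);`. `testUserRoles` starts above the hunk, so the fixture itself is not visible here.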