CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-10-02 10:16:27 +13:00
Code Issues Projects Releases Wiki Activity

Merge pull request #5580 from appwrite/fix-project-deletion-master

Browse source 
remove password required for project deletion
This commit is contained in:
Christy Jacob 2023-06-22 22:52:59 +05:30 committed by GitHub
commit 9f2bf844c7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/api/projects.php
View file

@ -684,17 +684,11 @@ App::delete('/v1/projects/:projectId')
->label('sdk.response.code', Response::STATUS_CODE_NOCONTENT)
->label('sdk.response.model', Response::MODEL_NONE)
->param('projectId', '', new UID(), 'Project unique ID.')
->param('password', '', new Password(), 'Your user password for confirmation. Must be at least 8 chars.')
->inject('response')
->inject('user')
->inject('dbForConsole')
->inject('deletes')
->action(function (string $projectId, string $password, Response $response, Document $user, Database $dbForConsole, Delete $deletes) {
if (!Auth::passwordVerify($password, $user->getAttribute('password'), $user->getAttribute('hash'), $user->getAttribute('hashOptions'))) { // Double check user password
throw new Exception(Exception::USER_INVALID_CREDENTIALS);
}
->action(function (string $projectId, Response $response, Document $user, Database $dbForConsole, Delete $deletes) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {

10
tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
View file

@ -3012,15 +3012,13 @@ class ProjectsConsoleClientTest extends Scope
$this->assertEquals(200, $project['headers']['status-code']);
// Delete team
$team = $this->client->call(Client::METHOD_DELETE, '/projects/' . $projectId, array_merge([
// Delete Project
$project = $this->client->call(Client::METHOD_DELETE, '/projects/' . $projectId, array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'password' => 'password'
]);
], $this->getHeaders()));
$this->assertEquals(204, $team['headers']['status-code']);
$this->assertEquals(204, $project['headers']['status-code']);
// Ensure I can get team but not a project
$team = $this->client->call(Client::METHOD_GET, '/teams/' . $teamId, array_merge([