From bed6eb70afbf48cc964476e641ea596f2ed6ed65 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Fri, 5 Aug 2022 17:23:32 +1200 Subject: [PATCH] Replace write refs --- app/controllers/api/projects.php | 20 +++++++++++++++----- app/controllers/api/teams.php | 12 +++++++++--- app/controllers/api/users.php | 4 +++- 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 89e606de4..203aa941b 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -87,7 +87,9 @@ App::post('/v1/projects') '$id' => $projectId, '$permissions' => [ 'read(team:' . $teamId . ')', - 'write(team:' . $teamId . '/owner, team:' . $teamId . '/developer)', + 'create(team:' . $teamId . '/owner, team:' . $teamId . '/developer)', + 'update(team:' . $teamId . '/owner, team:' . $teamId . '/developer)', + 'delete(team:' . $teamId . '/owner, team:' . $teamId . '/developer)', ], 'name' => $name, 'teamInternalId' => $team->getInternalId(), @@ -592,7 +594,9 @@ App::post('/v1/projects/:projectId/webhooks') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'write(any)', + 'create(any)', + 'update(any)', + 'delete(any)', ], 'projectInternalId' => $project->getInternalId(), 'projectId' => $project->getId(), @@ -838,7 +842,9 @@ App::post('/v1/projects/:projectId/keys') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'write(any)', + 'create(any)', + 'update(any)', + 'delete(any)', ], 'projectInternalId' => $project->getInternalId(), 'projectId' => $project->getId(), @@ -1036,7 +1042,9 @@ App::post('/v1/projects/:projectId/platforms') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'write(any)', + 'create(any)', + 'update(any)', + 'delete(any)', ], 'projectInternalId' => $project->getInternalId(), 'projectId' => $project->getId(), @@ -1250,7 +1258,9 @@ App::post('/v1/projects/:projectId/domains') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'write(any)', + 'create(any)', + 'update(any)', + 'delete(any)', ], 'projectInternalId' => $project->getInternalId(), 'projectId' => $project->getId(), diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index f0699b31d..2a1fbe419 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -334,7 +334,9 @@ App::post('/v1/teams/:teamId/memberships') '$id' => $userId, '$permissions' => [ 'read(any, user:' . $userId . ')', - 'write(user:' . $userId . ')', + 'create(user:' . $userId . ')', + 'update(user:' . $userId . ')', + 'delete(user:' . $userId . ')', ], 'email' => $email, 'emailVerification' => false, @@ -373,7 +375,9 @@ App::post('/v1/teams/:teamId/memberships') '$id' => $membershipId, '$permissions' => [ 'read(any)', - 'write(user: ' . $invitee->getId() . ', team:' . $team->getId() . '/owner)', + 'create(user: ' . $invitee->getId() . ', team:' . $team->getId() . '/owner)', + 'update(user: ' . $invitee->getId() . ', team:' . $team->getId() . '/owner)', + 'delete(user: ' . $invitee->getId() . ', team:' . $team->getId() . '/owner)', ], 'userId' => $invitee->getId(), 'userInternalId' => $invitee->getInternalId(), @@ -726,7 +730,9 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status') $session = $dbForProject->createDocument('sessions', $session ->setAttribute('$permissions', [ 'read(user: ' . $user->getId() . ')', - 'write(user: ' . $user->getId() . ')', + 'create(user: ' . $user->getId() . ')', + 'update(user: ' . $user->getId() . ')', + 'delete(user: ' . $user->getId() . ')', ])); $dbForProject->deleteCachedDocument('users', $user->getId()); diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index 65be0bdd4..349f3fc98 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -59,7 +59,9 @@ App::post('/v1/users') '$id' => $userId, '$permissions' => [ 'read(any)', - 'write(user:' . $userId . ')', + 'create(user:' . $userId . ')', + 'update(user:' . $userId . ')', + 'delete(user:' . $userId . ')', ], 'email' => $email, 'emailVerification' => false,