More cometics
parent
dc57a41f36
commit
c173d4a2e3
|
@ -79,7 +79,7 @@ App::post('/v1/account')
|
|||
$limit = $project->getAttribute('usersAuthLimit', 0);
|
||||
|
||||
if ($limit !== 0) {
|
||||
$sum = $dbForInternal->count('users'); // Count users TODO: add a 10k limit here.
|
||||
$sum = $dbForInternal->count('users', [], APP_LIMIT_USERS);
|
||||
|
||||
if($sum >= $limit) {
|
||||
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
|
||||
|
@ -461,7 +461,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
$limit = $project->getAttribute('usersAuthLimit', 0);
|
||||
|
||||
if ($limit !== 0) {
|
||||
$sum = $dbForInternal->count('users'); // Count users TODO: add a 10k limit here.
|
||||
$sum = $dbForInternal->count('users', [], APP_LIMIT_COUNT);
|
||||
|
||||
if($sum >= $limit) {
|
||||
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
|
||||
|
@ -621,7 +621,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
$limit = $project->getAttribute('usersAuthLimit', 0);
|
||||
|
||||
if ($limit !== 0) {
|
||||
$sum = $dbForInternal->count('users'); // Count users TODO: add a 10k limit here.
|
||||
$sum = $dbForInternal->count('users', [], APP_LIMIT_COUNT);
|
||||
|
||||
if($sum >= $limit) {
|
||||
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
|
||||
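Review bot: The user-limit check is capped inconsistently: the `App::post('/v1/account')` hunk counts with `APP_LIMIT_USERS`, while the OAuth2 redirect and anonymous-session hunks pass `APP_LIMIT_COUNT` to the same `count('users', ...)` call. If the third argument is a ceiling on the returned count, as the constant names and the replaced TODO suggest, a project whose `usersAuthLimit` is above that ceiling never satisfies `$sum >= $limit`, so registration stops being restricted: above 5000 on the two session routes, above 10000 on account creation and on the team-invite hunk at `-273,7` in the teams file. Use one constant in all four places and bound the count by the limit being enforced, for example `$sum = $dbForInternal->count('users', [], $limit);`, or reject a `usersAuthLimit` larger than the cap when the project is configured. The enclosing route handlers start and end outside these hunks.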
|
|
|
@ -98,7 +98,7 @@ App::get('/v1/functions')
|
|||
/** @var Utopia\Database\Database $dbForInternal */
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $dbForInternal->count('functions', [], 5000),
|
||||
'sum' => $dbForInternal->count('functions', [], APP_LIMIT_COUNT),
|
||||
'functions' => $dbForInternal->find('functions', [], $limit, $offset)
|
||||
]), Response::MODEL_FUNCTION_LIST);
|
||||
});
|
||||
|
@ -537,7 +537,7 @@ App::get('/v1/functions/:functionId/tags')
|
|||
|
||||
$sum = $dbForInternal->count('tags', [
|
||||
new Query('functionId', Query::TYPE_EQUAL, [$function->getId()]),
|
||||
], 5000);
|
||||
], APP_LIMIT_COUNT);
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $sum,
|
||||
|
@ -793,7 +793,7 @@ App::get('/v1/functions/:functionId/executions')
|
|||
|
||||
$sum = $dbForInternal->count('executions', [
|
||||
new Query('functionId', Query::TYPE_EQUAL, [$function->getId()]),
|
||||
], 5000);
|
||||
], APP_LIMIT_COUNT);
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $sum,
|
||||
|
|
|
@ -180,7 +180,7 @@ App::get('/v1/storage/files')
|
|||
/** @var Utopia\Database\Database $dbForInternal */
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $dbForInternal->count('files', [], 5000),
|
||||
'sum' => $dbForInternal->count('files', [], APP_LIMIT_COUNT),
|
||||
'files' => $dbForInternal->find('files', [], $limit, $offset)
|
||||
]), Response::MODEL_FILE_LIST);
|
||||
});
|
||||
|
|
|
@ -50,7 +50,7 @@ App::post('/v1/teams')
|
|||
$teamId = $dbForInternal->getId();
|
||||
$team = $dbForInternal->createDocument('teams', new Document([
|
||||
'$id' => $teamId ,
|
||||
'$read' => ['team:'.$teamId ],
|
||||
'$read' => ['team:'.$teamId],
|
||||
'$write' => ['team:'.$teamId .'/owner'],
|
||||
'name' => $name,
|
||||
'sum' => ($isPrivilegedUser || $isAppUser) ? 0 : 1,
|
||||
|
@ -76,7 +76,6 @@ App::post('/v1/teams')
|
|||
|
||||
// Attach user to team
|
||||
$user->setAttribute('memberships', $membership, Document::SET_TYPE_APPEND);
|
||||
|
||||
$user = $dbForInternal->updateDocument('users', $user->getId(), $user);
|
||||
}
|
||||
|
||||
|
@ -106,7 +105,7 @@ App::get('/v1/teams')
|
|||
/** @var Utopia\Database\Database $dbForInternal */
|
||||
|
||||
$results = $dbForInternal->find('teams', [], $limit, $offset);
|
||||
$sum = $dbForInternal->count('teams', [], 5000);
|
||||
$sum = $dbForInternal->count('teams', [], APP_LIMIT_COUNT);
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $sum,
|
||||
|
@ -203,9 +202,8 @@ App::delete('/v1/teams/:teamId')
|
|||
], 2000, 0); // TODO fix members limit
|
||||
|
||||
// TODO delete all members individually from the user object
|
||||
|
||||
foreach ($memberships as $member) {
|
||||
if (!$dbForInternal->deleteDocument('memberships', $member->getId())) {
|
||||
foreach ($memberships as $membership) {
|
||||
if (!$dbForInternal->deleteDocument('memberships', $membership->getId())) {
|
||||
throw new Exception('Failed to remove membership for team from DB', 500);
|
||||
}
|
||||
}
|
||||
|
@ -265,7 +263,6 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
throw new Exception('Team not found', 404);
|
||||
}
|
||||
|
||||
$memberships = $dbForInternal->findFirst('memberships', [new Query('teamId', Query::TYPE_EQUAL, [$team->getId()])], 2000, 0);
|
||||
$invitee = $dbForInternal->findFirst('users', [new Query('email', Query::TYPE_EQUAL, [$email])], 1); // Get user by email address
|
||||
|
||||
if (empty($invitee)) { // Create new user if no user with same email found
|
||||
|
@ -273,7 +270,7 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
$limit = $project->getAttribute('usersAuthLimit', 0);
|
||||
|
||||
if ($limit !== 0 && $project->getId() !== 'console') { // check users limit, console invites are allways allowed.
|
||||
$sum = $dbForInternal->count('users'); // Count users TODO: add a 10k limit here.
|
||||
$sum = $dbForInternal->count('users', [], APP_LIMIT_USERS);
|
||||
|
||||
if($sum >= $limit) {
|
||||
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
|
||||
|
@ -296,8 +293,10 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
'registration' => \time(),
|
||||
'reset' => false,
|
||||
'name' => $name,
|
||||
'prefs' => [],
|
||||
'sessions' => [],
|
||||
'tokens' => [],
|
||||
'memberships' => [],
|
||||
]));
|
||||
} catch (Duplicate $th) {
|
||||
throw new Exception('Account already exists', 409);
|
||||
|
@ -306,17 +305,7 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
Authorization::reset();
|
||||
}
|
||||
|
||||
$isOwner = false;
|
||||
|
||||
foreach ($memberships as $member) {
|
||||
if ($member->getAttribute('userId') == $invitee->getId()) {
|
||||
throw new Exception('User has already been invited or is already a member of this team', 409);
|
||||
}
|
||||
|
||||
if ($member->getAttribute('userId') == $user->getId() && \in_array('owner', $member->getAttribute('roles', []))) {
|
||||
$isOwner = true;
|
||||
}
|
||||
}
|
||||
$isOwner = Authorization::isRole('team:'.$team->getId().'/owner');;
|
||||
|
||||
if (!$isOwner && !$isPrivilegedUser && !$isAppUser) { // Not owner, not admin, not app (server)
|
||||
throw new Exception('User is not allowed to send invitations for this team', 401);
|
||||
|
@ -339,7 +328,11 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
|
||||
if ($isPrivilegedUser || $isAppUser) { // Allow admin to create membership
|
||||
Authorization::disable();
|
||||
$membership = $dbForInternal->createDocument('memberships', $membership);
|
||||
try {
|
||||
$membership = $dbForInternal->createDocument('memberships', $membership);
|
||||
} catch (Duplicate $th) {
|
||||
throw new Exception('User has already been invited or is already a member of this team', 409);
|
||||
}
|
||||
|
||||
$team = $dbForInternal->updateDocument('teams', $team->getId(), $team->setAttribute('sum', $team->getAttribute('sum', 0) + 1));
|
||||
|
||||
|
@ -350,7 +343,11 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
|
||||
Authorization::reset();
|
||||
} else {
|
||||
$membership = $dbForInternal->createDocument('memberships', $membership);
|
||||
try {
|
||||
$membership = $dbForInternal->createDocument('memberships', $membership);
|
||||
} catch (Duplicate $th) {
|
||||
throw new Exception('User has already been invited or is already a member of this team', 409);
|
||||
}
|
||||
}
|
||||
|
||||
$url = Template::parseURL($url);
|
||||
|
@ -433,7 +430,7 @@ App::get('/v1/teams/:teamId/memberships')
|
|||
}
|
||||
|
||||
$memberships = $dbForInternal->find('memberships', [new Query('teamId', Query::TYPE_EQUAL, [$teamId])], $limit, $offset);
|
||||
$sum = $dbForInternal->count('memberships', [new Query('teamId', Query::TYPE_EQUAL, [$teamId])], 5000);
|
||||
$sum = $dbForInternal->count('memberships', [new Query('teamId', Query::TYPE_EQUAL, [$teamId])], APP_LIMIT_COUNT);
|
||||
$users = [];
|
||||
|
||||
foreach ($memberships as $membership) {
|
||||
|
@ -486,7 +483,7 @@ App::patch('/v1/teams/:teamId/memberships/:inviteId/status')
|
|||
$membership = $dbForInternal->getDocument('memberships', $inviteId);
|
||||
|
||||
if (empty($membership->getId())) {
|
||||
throw new Exception('Invite not found', 404);
|
||||
throw new Exception('Membership not found', 404);
|
||||
}
|
||||
|
||||
if ($membership->getAttribute('teamId') !== $teamId) {
|
||||
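Review bot: In the privileged branch of `App::post('/v1/teams/:teamId/memberships')` (hunk `-339,7`), the new `catch (Duplicate $th)` throws the 409 after `Authorization::disable()` and before the `Authorization::reset()` that the following hunk shows at the end of that branch, so the duplicate path leaves authorization checks switched off. Whether that state outlives the request depends on how `Authorization` stores it, which is not visible here; calling `Authorization::reset();` in the catch before the `throw`, or moving the reset into a `finally`, removes the question. The 409 now also relies entirely on the storage layer raising `Duplicate` for a repeated team/user pair, so the uniqueness constraint on `memberships` should be confirmed, since the removed loop no longer backs it up. Minor: `Authorization::isRole(...);;` has a doubled semicolon and `$th` is unused. The handler body continues outside these hunks.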
|
|
|
@ -87,7 +87,7 @@ App::get('/v1/users')
|
|||
/** @var Utopia\Database\Database $dbForInternal */
|
||||
|
||||
$results = $dbForInternal->find('users', [], $limit, $offset);
|
||||
$sum = $dbForInternal->count('users', [], 5000);
|
||||
$sum = $dbForInternal->count('users', [], APP_LIMIT_COUNT);
|
||||
|
||||
$response->dynamic2(new Document([
|
||||
'sum' => $sum,
|
||||
|
|
|
@ -44,6 +44,8 @@ const APP_USERAGENT = APP_NAME.'-Server v%s. Please report abuse at %s';
|
|||
const APP_MODE_DEFAULT = 'default';
|
||||
const APP_MODE_ADMIN = 'admin';
|
||||
const APP_PAGING_LIMIT = 12;
|
||||
const APP_LIMIT_COUNT = 5000;
|
||||
const APP_LIMIT_USERS = 10000;
|
||||
const APP_CACHE_BUSTER = 145;
|
||||
const APP_VERSION_STABLE = '0.8.0';
|
||||
const APP_STORAGE_UPLOADS = '/storage/uploads';
|
||||
|
|
4
composer.lock
generated
4
composer.lock
generated
|
@ -1923,7 +1923,7 @@
|
|||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/utopia-php/database",
|
||||
"reference": "20d189c6687ebfe82c3148794a01f51ebc6efb05"
|
||||
"reference": "d54bbae93fea9f60df535e4f669146e24d87761b"
|
||||
},
|
||||
"require": {
|
||||
"ext-mongodb": "*",
|
||||
|
@ -1970,7 +1970,7 @@
|
|||
"upf",
|
||||
"utopia"
|
||||
],
|
||||
"time": "2021-05-08T22:11:07+00:00"
|
||||
"time": "2021-05-09T13:42:23+00:00"
|
||||
},
|
||||
{
|
||||
"name": "utopia-php/domains",
|
||||
|
|
|
@ -63,7 +63,7 @@ services:
|
|||
- ./psalm.xml:/usr/src/code/psalm.xml
|
||||
- ./tests:/usr/src/code/tests
|
||||
- ./app:/usr/src/code/app
|
||||
# - ./vendor:/usr/src/code/vendor
|
||||
- ./vendor/utopia-php/database:/usr/src/code/vendor/utopia-php/database
|
||||
- ./docs:/usr/src/code/docs
|
||||
- ./public:/usr/src/code/public
|
||||
- ./src:/usr/src/code/src
|
||||
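Review bot: If `- ./vendor/utopia-php/database:/usr/src/code/vendor/utopia-php/database` is the line on the new side (the rendering does not mark which of the two vendor lines was added), the container loads that package from the host directory instead of the copy installed at the `reference` pinned in composer.lock. On a checkout that has no host `vendor/utopia-php/database`, the bind mount would place an empty directory over the installed package. A local-development mount like this is better kept in an override file, or left commented out with a note such as `# uncomment to develop against a local utopia-php/database checkout`.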
|
|
|
@ -78,6 +78,19 @@ trait TeamsBaseClient
|
|||
/**
|
||||
* Test for FAILURE
|
||||
*/
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/teams/'.$teamUid.'/memberships', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
], $this->getHeaders()), [
|
||||
'email' => $email,
|
||||
'name' => 'Friend User',
|
||||
'roles' => ['admin', 'editor'],
|
||||
'url' => 'http://localhost:5000/join-us#title'
|
||||
]);
|
||||
|
||||
$this->assertEquals(409, $response['headers']['status-code']);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/teams/'.$teamUid.'/memberships', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
|
|
|
@ -78,6 +78,19 @@ trait TeamsBaseServer
|
|||
/**
|
||||
* Test for FAILURE
|
||||
*/
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/teams/'.$teamUid.'/memberships', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
], $this->getHeaders()), [
|
||||
'email' => $email,
|
||||
'name' => 'Friend User',
|
||||
'roles' => ['admin', 'editor'],
|
||||
'url' => 'http://localhost:5000/join-us#title'
|
||||
]);
|
||||
|
||||
$this->assertEquals(409, $response['headers']['status-code']);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/teams/'.$teamUid.'/memberships', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
|
|