Merge branch 'main' into feat-zoho-oauth
commit
c2a76cd560
2 changed files with 23 additions and 8 deletions
|
@ -628,7 +628,17 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
||||||
->setAttribute('metadata', $metadata)
|
->setAttribute('metadata', $metadata)
|
||||||
->setAttribute('chunksUploaded', $chunksUploaded);
|
->setAttribute('chunksUploaded', $chunksUploaded);
|
||||||
|
|
||||||
$file = $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file);
|
/**
|
||||||
|
* Validate create permission and skip authorization in updateDocument
|
||||||
|
* Without this, the file creation will fail when user doesn't have update permission
|
||||||
|
* However as with chunk upload even if we are updating, we are essentially creating a file
|
||||||
|
* adding it's new chunk so we validate create permission instead of update
|
||||||
|
*/
|
||||||
|
$validator = new Authorization(Database::PERMISSION_CREATE);
|
||||||
|
if (!$validator->isValid($bucket->getCreate())) {
|
||||||
|
throw new Exception(Exception::USER_UNAUTHORIZED);
|
||||||
|
}
|
||||||
|
$file = Authorization::skip(fn() => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
|
||||||
}
|
}
|
||||||
} catch (AuthorizationException) {
|
} catch (AuthorizationException) {
|
||||||
throw new Exception(Exception::USER_UNAUTHORIZED);
|
throw new Exception(Exception::USER_UNAUTHORIZED);
|
||||||
|
@ -665,7 +675,17 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
||||||
->setAttribute('chunksUploaded', $chunksUploaded)
|
->setAttribute('chunksUploaded', $chunksUploaded)
|
||||||
->setAttribute('metadata', $metadata);
|
->setAttribute('metadata', $metadata);
|
||||||
|
|
||||||
$file = $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file);
|
/**
|
||||||
|
* Validate create permission and skip authorization in updateDocument
|
||||||
|
* Without this, the file creation will fail when user doesn't have update permission
|
||||||
|
* However as with chunk upload even if we are updating, we are essentially creating a file
|
||||||
|
* adding it's new chunk so we validate create permission instead of update
|
||||||
|
*/
|
||||||
|
$validator = new Authorization(Database::PERMISSION_CREATE);
|
||||||
|
if (!$validator->isValid($bucket->getCreate())) {
|
||||||
|
throw new Exception(Exception::USER_UNAUTHORIZED);
|
||||||
|
}
|
||||||
|
$file = Authorization::skip(fn() => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
|
||||||
}
|
}
|
||||||
} catch (AuthorizationException) {
|
} catch (AuthorizationException) {
|
||||||
throw new Exception(Exception::USER_UNAUTHORIZED);
|
throw new Exception(Exception::USER_UNAUTHORIZED);
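Review bot: Wrapping `updateDocument` in `Authorization::skip(...)` disables the document-level permission check for this write, so the only guard left on the chunk-update path is the bucket-level `$validator->isValid($bucket->getCreate())`. If this branch can be reached with a `$fileId` whose document belongs to another user or whose upload is already complete, a caller holding only create permission on the bucket could modify that file even when `fileSecurity` is enabled. The hunk does not show whether an earlier check rules that out, because the route body starts and ends outside it, so this is worth confirming. At minimum I would state the assumption next to the call, e.g. `// skip() bypasses file-level update permission; safe only while $file is an unfinished upload started by this caller`, and enforce that condition before the skip if it is not already checked. The same block is repeated verbatim in the hunk at -665, so a single private helper would keep the two copies from drifting.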
|
||||||
|
|
|
@ -74,10 +74,7 @@ trait StorageBase
|
||||||
'name' => 'Test Bucket 2',
|
'name' => 'Test Bucket 2',
|
||||||
'fileSecurity' => true,
|
'fileSecurity' => true,
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::any()),
|
|
||||||
Permission::create(Role::any()),
|
Permission::create(Role::any()),
|
||||||
Permission::update(Role::any()),
|
|
||||||
Permission::delete(Role::any()),
|
|
||||||
],
|
],
|
||||||
]);
|
]);
|
||||||
$this->assertEquals(201, $bucket2['headers']['status-code']);
|
$this->assertEquals(201, $bucket2['headers']['status-code']);
|
||||||
|
@ -110,9 +107,7 @@ trait StorageBase
|
||||||
'fileId' => $fileId,
|
'fileId' => $fileId,
|
||||||
'file' => $curlFile,
|
'file' => $curlFile,
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::read(Role::any())
|
||||||
Permission::update(Role::any()),
|
|
||||||
Permission::delete(Role::any()),
|
|
||||||
],
|
],
|
||||||
]);
|
]);
|
||||||
$counter++;
|
$counter++;
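Review bot: These fixture changes cover only the success path of the new create-permission check. The bucket is reduced to `Permission::create(Role::any())` and the uploaded file to `Permission::read(Role::any())`, so the chunked upload is shown to pass without update permission. Nothing visible in these hunks asserts the rejection side; the test method starts and ends outside them, so such a case may exist elsewhere. I would add one case that sends a later chunk as a caller without create permission on the bucket and expects a 401, and one where a different user sends a chunk for an existing `fileId`. The new `Permission::read(Role::any())` line also drops the trailing comma that the other multi-line array entries keep.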
|
||||||
|
|