Fixed permission check

2024-06-26 18:20:43 +12:00 · 2021-05-16 13:55:12 +03:00 · 2021-05-16 13:55:12 +03:00 · cee71ef7b3
parent 2760cf5993
commit cee71ef7b3
4 changed files with 9 additions and 13 deletions
--- a/app/controllers/api/projects.php
+++ b/app/controllers/api/projects.php
@ -84,10 +84,6 @@ App::post('/v1/projects')
            'usersAuthPhone' => true,
        ]));

-        if (false === $project) {
-            throw new Exception('Failed saving project to DB', 500);
-        }
-
        $collections = Config::getParam('collections2', []); /** @var array $collections */

        $dbForInternal->setNamespace('project_'.$project->getId().'_internal');
--- a/app/controllers/general.php
+++ b/app/controllers/general.php
@ -191,10 +191,10 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
    $role = ($user->isEmpty()) ? Auth::USER_ROLE_GUEST : Auth::USER_ROLE_MEMBER;

    // Add user roles
-    $membership = $user->find('teamId', $project->getAttribute('teamId', null), 'memberships');
+    $memberships = $user->find('teamId', $project->getAttribute('teamId', null), 'memberships');

-    if ($membership) {
-        foreach ($membership->getAttribute('roles', []) as $memberRole) {
+    if ($memberships) {
+        foreach ($memberships->getAttribute('roles', []) as $memberRole) {
            switch ($memberRole) {
                case 'owner':
                    $role = Auth::USER_ROLE_OWNER;
--- a/app/init.php
+++ b/app/init.php
@ -445,7 +445,7 @@ App::setResource('user', function($mode, $project, $console, $request, $response
    Auth::$unique = $session['id'] ?? '';
    Auth::$secret = $session['secret'] ?? '';

-    if (APP_MODE_ADMIN !== $mode && $project->getId() !== 'console') {
+    if (APP_MODE_ADMIN !== $mode) {
        $user = $dbForInternal->getDocument('users', Auth::$unique);
    }
    else {
@ -458,7 +458,7 @@ App::setResource('user', function($mode, $project, $console, $request, $response
    }

    if (APP_MODE_ADMIN === $mode) {
-        if (!$user->find('teamId', $project->getAttribute('teamId'), 'memberships')) {
+        if ($user->find('teamId', $project->getAttribute('teamId'), 'memberships')) {
            Authorization::setDefaultStatus(false);  // Cancel security segmentation for admin users.
            Authorization2::setDefaultStatus(false);  // Cancel security segmentation for admin users.
        } else {
@ -498,9 +498,9 @@ App::setResource('project', function($dbForConsole, $request, $console) {
    /** @var Appwrite\Database\Document $console */

    $projectId = $request->getParam('project',
-        $request->getHeader('x-appwrite-project', ''));
+        $request->getHeader('x-appwrite-project', 'console'));
    
-    if(empty($projectId) || $projectId === 'console') {
+    if($projectId === 'console') {
        return $console;
    }

--- a/composer.lock
+++ b/composer.lock
@ -1923,7 +1923,7 @@
            "source": {
                "type": "git",
                "url": "https://github.com/utopia-php/database",
-                "reference": "fe6e0ca2ff26b721516a8db83bff378f428a2caf"
+                "reference": "d4bd2ab55c87b290bd241b437c3095d945dcbf2f"
            },
            "require": {
                "ext-mongodb": "*",
@ -1970,7 +1970,7 @@
                "upf",
                "utopia"
            ],
-            "time": "2021-05-15T15:00:12+00:00"
+            "time": "2021-05-15T22:41:08+00:00"
        },
        {
            "name": "utopia-php/domains",