1
0
Fork 0
mirror of synced 2024-06-29 19:50:26 +12:00

More write ref updates

This commit is contained in:
Jake Barnby 2022-08-05 18:00:56 +12:00
parent 08609af053
commit e8af744c97
4 changed files with 31 additions and 11 deletions

View file

@ -912,7 +912,9 @@ App::post('/v1/account/sessions/phone')
'$id' => $userId, '$id' => $userId,
'$permissions' => [ '$permissions' => [
'read(any)', 'read(any)',
'write(user:' . $userId . ')' 'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
], ],
'email' => null, 'email' => null,
'phone' => $number, 'phone' => $number,
@ -951,7 +953,9 @@ App::post('/v1/account/sessions/phone')
$token = $dbForProject->createDocument('tokens', $token $token = $dbForProject->createDocument('tokens', $token
->setAttribute('$permissions', [ ->setAttribute('$permissions', [
'read(user: ' . $user->getId() . ')', 'read(user: ' . $user->getId() . ')',
'write(user:' . $user->getId() . ')' 'create(user:' . $user->getId() . ')',
'update(user:' . $user->getId() . ')',
'delete(user:' . $user->getId() . ')',
])); ]));
$dbForProject->deleteCachedDocument('users', $user->getId()); $dbForProject->deleteCachedDocument('users', $user->getId());
@ -1045,7 +1049,9 @@ App::put('/v1/account/sessions/phone')
$session = $dbForProject->createDocument('sessions', $session $session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [ ->setAttribute('$permissions', [
'read(user: ' . $user->getId() . ')', 'read(user: ' . $user->getId() . ')',
'write(user:' . $user->getId() . ')' 'create(user:' . $user->getId() . ')',
'update(user:' . $user->getId() . ')',
'delete(user:' . $user->getId() . ')',
])); ]));
$dbForProject->deleteCachedDocument('users', $user->getId()); $dbForProject->deleteCachedDocument('users', $user->getId());
@ -1146,7 +1152,9 @@ App::post('/v1/account/sessions/anonymous')
'$id' => $userId, '$id' => $userId,
'$permissions' => [ '$permissions' => [
'read(any)', 'read(any)',
'write(user:' . $userId . ')' 'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
], ],
'email' => null, 'email' => null,
'emailVerification' => false, 'emailVerification' => false,
@ -1190,7 +1198,9 @@ App::post('/v1/account/sessions/anonymous')
$session = $dbForProject->createDocument('sessions', $session-> setAttribute('$permissions', [ $session = $dbForProject->createDocument('sessions', $session-> setAttribute('$permissions', [
'read(user: ' . $user->getId() . ')', 'read(user: ' . $user->getId() . ')',
'write(user:' . $user->getId() . ')' 'create(user:' . $user->getId() . ')',
'update(user:' . $user->getId() . ')',
'delete(user:' . $user->getId() . ')',
])); ]));
$dbForProject->deleteCachedDocument('users', $user->getId()); $dbForProject->deleteCachedDocument('users', $user->getId());

View file

@ -571,7 +571,9 @@ App::post('/v1/functions/:functionId/deployments')
'$id' => $deploymentId, '$id' => $deploymentId,
'$permissions' => [ '$permissions' => [
'read(any)', 'read(any)',
'write(any)' 'create(any)',
'update(any)',
'delete(any)',
], ],
'resourceId' => $function->getId(), 'resourceId' => $function->getId(),
'resourceType' => 'functions', 'resourceType' => 'functions',
@ -602,7 +604,9 @@ App::post('/v1/functions/:functionId/deployments')
'$id' => $deploymentId, '$id' => $deploymentId,
'$permissions' => [ '$permissions' => [
'read(any)', 'read(any)',
'write(any)' 'create(any)',
'update(any)',
'delete(any)',
], ],
'resourceId' => $function->getId(), 'resourceId' => $function->getId(),
'resourceType' => 'functions', 'resourceType' => 'functions',

View file

@ -60,8 +60,10 @@ App::post('/v1/teams')
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([ $team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
'$id' => $teamId , '$id' => $teamId ,
'$permissions' => [ '$permissions' => [
"read(team:{$teamId}", 'read(team:' . $teamId . ')',
"write(team:{$teamId}/owner)", 'create(team:' . $teamId . '/owner)',
'update(team:' . $teamId . '/owner)',
'delete(team:' . $teamId . '/owner)',
], ],
'name' => $name, 'name' => $name,
'total' => ($isPrivilegedUser || $isAppUser) ? 0 : 1, 'total' => ($isPrivilegedUser || $isAppUser) ? 0 : 1,
@ -74,7 +76,9 @@ App::post('/v1/teams')
'$id' => $membershipId, '$id' => $membershipId,
'$permissions' => [ '$permissions' => [
"read(user:{$user->getId()}, team:{$team->getId()})", "read(user:{$user->getId()}, team:{$team->getId()})",
"write(user:{$user->getId()}, team:{$team->getId()}/owner)", "create(user:{$user->getId()}, team:{$team->getId()}/owner)",
"update(user:{$user->getId()}, team:{$team->getId()}/owner)",
"delete(user:{$user->getId()}, team:{$team->getId()}/owner)",
], ],
'userId' => $user->getId(), 'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(), 'userInternalId' => $user->getInternalId(),

View file

@ -1060,7 +1060,9 @@ class RealtimeCustomClientTest extends Scope
'name' => 'Bucket 1', 'name' => 'Bucket 1',
'permissions' => [ 'permissions' => [
'read(any)', 'read(any)',
'write(any)' 'create(any)',
'update(any)',
'delete(any)',
] ]
]); ]);