fix(general): role reference overwrite
parent
5a152987a7
commit
eb12a8c26f
|
@ -33,7 +33,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
/** @var Utopia\Locale\Locale $locale */
|
||||
/** @var bool $mode */
|
||||
/** @var array $clients */
|
||||
|
||||
|
||||
$domain = $request->getHostname();
|
||||
$domains = Config::getParam('domains', []);
|
||||
if (!array_key_exists($domain, $domains)) {
|
||||
|
@ -98,7 +98,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
|
||||
$refDomain = (!empty($protocol) ? $protocol : $request->getProtocol()).'://'.((\in_array($origin, $clients))
|
||||
? $origin : 'localhost').(!empty($port) ? ':'.$port : '');
|
||||
|
||||
|
||||
$refDomain = (!$route->getLabel('origin', false)) // This route is publicly accessible
|
||||
? $refDomain
|
||||
: (!empty($protocol) ? $protocol : $request->getProtocol()).'://'.$origin.(!empty($port) ? ':'.$port : '');
|
||||
|
@ -119,7 +119,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
Config::setParam('domainVerification',
|
||||
($selfDomain->getRegisterable() === $endDomain->getRegisterable()) &&
|
||||
$endDomain->getRegisterable() !== '');
|
||||
|
||||
|
||||
Config::setParam('cookieDomain', (
|
||||
$request->getHostname() === 'localhost' ||
|
||||
$request->getHostname() === 'localhost:'.$request->getPort() ||
|
||||
|
@ -189,7 +189,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
&& empty($request->getHeader('x-appwrite-key', ''))) {
|
||||
throw new Exception($originValidator->getDescription(), 403);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* ACL Check
|
||||
*/
|
||||
|
@ -223,7 +223,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
if (!empty($authKey)) { // API Key authentication
|
||||
// Check if given key match project API keys
|
||||
$key = $project->search('secret', $authKey, $project->getAttribute('keys', []));
|
||||
|
||||
|
||||
/*
|
||||
* Try app auth when we have project key and no user
|
||||
* Mock user to app and grant API key scopes in addition to default app scopes
|
||||
|
@ -245,8 +245,8 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
}
|
||||
}
|
||||
|
||||
foreach (Auth::getRoles($user) as $role) {
|
||||
Authorization::setRole($role);
|
||||
foreach (Auth::getRoles($user) as $authRole) {
|
||||
Authorization::setRole($authRole);
|
||||
}
|
||||
|
||||
// TDOO Check if user is root
|
||||
|
@ -255,7 +255,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
|
|||
if (empty($project->getId()) || Database::SYSTEM_COLLECTION_PROJECTS !== $project->getCollection()) { // Check if permission is denied because project is missing
|
||||
throw new Exception('Project not found', 404);
|
||||
}
|
||||
|
||||
|
||||
throw new Exception($user->getAttribute('email', 'User').' (role: '.\strtolower($roles[$role]['label']).') missing scope ('.$scope.')', 401);
|
||||
}
|
||||
|
||||
|
@ -302,12 +302,12 @@ App::error(function ($error, $utopia, $request, $response, $layout, $project) {
|
|||
|
||||
if (php_sapi_name() === 'cli') {
|
||||
Console::error('[Error] Timestamp: '.date('c', time()));
|
||||
|
||||
|
||||
if($route) {
|
||||
Console::error('[Error] Method: '.$route->getMethod());
|
||||
Console::error('[Error] URL: '.$route->getURL());
|
||||
}
|
||||
|
||||
|
||||
Console::error('[Error] Type: '.get_class($error));
|
||||
Console::error('[Error] Message: '.$error->getMessage());
|
||||
Console::error('[Error] File: '.$error->getFile());
|
||||
|
|
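Review bot: In the `-245,8 +245,8` hunk, renaming the loop variable to `$authRole` (apparently the new side, going by the commit title) removes this one collision, but `$role` remains an ordinary function-scope variable that the later 401 message reads through `$roles[$role]['label']`, so any future loop or assignment reusing the name would silently change it again. If the scope lookup outside the visible lines also keys on `$role`, the earlier overwrite would have affected the authorization decision and not only the error text; that is worth confirming and pinning with a regression test for a user who holds several roles. A comment above the loop such as `// $role is read by the scope check below; do not reuse it as a loop variable` would record why the name matters. The closure body starts and ends outside these hunks.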