Merge branch 'master' of github.com:appwrite/appwrite into functions

Eldad Fux
2020-07-10 16:31:52 +03:00
7 changed files with 125 additions and 11 deletions
+1 -1
@@ -6,7 +6,6 @@ use Utopia\Exception;
use Utopia\Response;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Boolean;
use Utopia\Validator\Domain as DomainValidator;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
use Utopia\Validator\URL;
@@ -19,6 +18,7 @@ use Appwrite\Database\Document;
use Appwrite\Database\Validator\UID;
use Appwrite\OpenSSL\OpenSSL;
use Appwrite\Network\Validator\CNAME;
use Appwrite\Network\Validator\Domain as DomainValidator;
use Cron\CronExpression;
$scopes = include __DIR__.'/../../../app/config/scopes.php';
+21 -7
@@ -51,7 +51,7 @@ $utopia->post('/v1/teams')
throw new Exception('Failed saving team to DB', 500);
}
if ($mode !== APP_MODE_ADMIN && $user->getId()) { // Don't add user on server mode
if ($mode !== APP_MODE_ADMIN && $user->getId()) { // Don't add user on app/server mode
$membership = new Document([
'$collection' => Database::SYSTEM_COLLECTION_MEMBERSHIPS,
'$permissions' => [
@@ -219,7 +219,7 @@ $utopia->post('/v1/teams/:teamId/memberships')
->param('roles', [], function () { return new ArrayList(new Text(128)); }, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](/docs/permissions).')
->param('url', '', function () use ($clients) { return new Host($clients); }, 'URL to redirect the user back to your app from the invitation email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.') // TODO add our own built-in confirm page
->action(
function ($teamId, $email, $name, $roles, $url) use ($response, $mail, $project, $user, $audit, $projectDB, $mode) {
function ($teamId, $email, $name, $roles, $url) use ($response, $mail, $project, $user, $audit, $projectDB, &$mode) {
$name = (empty($name)) ? $email : $name;
$team = $projectDB->getDocument($teamId);
@@ -288,7 +288,7 @@ $utopia->post('/v1/teams/:teamId/memberships')
}
}
if (!$isOwner && (APP_MODE_ADMIN !== $mode)) {
if (!$isOwner && APP_MODE_ADMIN !== $mode && $user->getId()) { // Not owner, not admin, not app (server)
throw new Exception('User is not allowed to send invitations for this team', 401);
}
@@ -304,14 +304,28 @@ $utopia->post('/v1/teams/:teamId/memberships')
'teamId' => $team->getId(),
'roles' => $roles,
'invited' => \time(),
'joined' => 0,
'confirm' => (APP_MODE_ADMIN === $mode),
'joined' => (APP_MODE_ADMIN === $mode || !$user->getId()) ? \time() : 0,
'confirm' => (APP_MODE_ADMIN === $mode || !$user->getId()),
'secret' => Auth::hash($secret),
]);
if (APP_MODE_ADMIN === $mode) { // Allow admin to create membership
if (APP_MODE_ADMIN === $mode || !$user->getId()) { // Allow admin to create membership
Authorization::disable();
$membership = $projectDB->createDocument($membership->getArrayCopy());
$team = $projectDB->updateDocument(\array_merge($team->getArrayCopy(), [
'sum' => $team->getAttribute('sum', 0) + 1,
]));
// Attach user to team
$invitee->setAttribute('memberships', $membership, Document::SET_TYPE_APPEND);
$invitee = $projectDB->updateDocument($invitee->getArrayCopy());
if (false === $invitee) {
throw new Exception('Failed saving user to DB', 500);
}
Authorization::reset();
} else {
$membership = $projectDB->createDocument($membership->getArrayCopy());
@@ -346,7 +360,7 @@ $utopia->post('/v1/teams/:teamId/memberships')
->setParam('{{text-cta}}', '#ffffff')
;
if (APP_MODE_ADMIN !== $mode) { // No need in comfirmation when in admin mode
if (APP_MODE_ADMIN !== $mode && $user->getId()) { // No need in comfirmation when in admin or app mode
$mail
->setParam('event', 'teams.membership.create')
->setParam('recipient', $email)
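Review bot: The new conditions `if (!$isOwner && APP_MODE_ADMIN !== $mode && $user->getId())`, the `joined`/`confirm` fields and `if (APP_MODE_ADMIN === $mode || !$user->getId())` treat an empty user id as proof that the request was authenticated with a server key, which is the absence of a signal rather than a positive one. If any request without a session can reach this action (the scope check is outside these hunks, so this needs confirming), it would skip the owner check and create an already-confirmed membership while `Authorization::disable()` is in effect. I would derive one named boolean from the authenticated key or role at the top of the action, use it in all of these places and in the mail condition, and add a comment that only key-authenticated requests may take the no-confirmation path. Separately, `throw new Exception('Failed saving user to DB', 500);` sits between `Authorization::disable()` and `Authorization::reset()`, so the reset belongs in a `finally` block. The action closure begins and ends outside the hunks shown.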
+1 -1
@@ -361,7 +361,7 @@ $customDomainsTarget = $this->getParam('customDomainsTarget', false);
<input type="hidden" name="projectId" data-ls-bind="{{router.params.project}}" />
<label for="name">Domain Name</label>
<input type="text" class="full-width" id="domain" name="domain" placeholder="appwrite.example.com" required autocomplete="off" title="Enter a valid domain name" pattern="^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$" />
<input type="text" class="full-width" id="domain" name="domain" placeholder="appwrite.example.com" required autocomplete="off" title="Enter a valid domain name" pattern="^([a-zA-Z0-9][a-zA-Z0-9-_]*\.)*[a-zA-Z0-9]*[a-zA-Z0-9-_]*[[a-zA-Z0-9]+$" />
<hr />
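Review bot: The new `pattern` value ends in `[[a-zA-Z0-9]+$`, and the doubled `[` looks like a typo. Depending on the regex mode the browser uses, it either admits a literal `[` in the last label or makes the whole pattern invalid, in which case the check is skipped. The final class was presumably meant to be `[a-zA-Z0-9]+$`. The `[a-zA-Z0-9-_]` classes also rely on the `-` before `_` being read as a literal hyphen, which `[a-zA-Z0-9_-]` would make unambiguous. This attribute is only a usability hint, so the server-side domain validator remains the check that has to reject bad input.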
+1 -1
@@ -32,7 +32,7 @@
"appwrite/php-clamav": "1.0.*",
"utopia-php/framework": "0.4.0",
"utopia-php/framework": "0.4.1",
"utopia-php/abuse": "0.2.*",
"utopia-php/audit": "0.3.*",
"utopia-php/cache": "0.2.*",
+1 -1
@@ -7,7 +7,7 @@ use Appwrite\Auth\OAuth2\Paypal;
class PaypalSandbox extends Paypal
{
protected environment = 'sandbox';
protected $environment = 'sandbox';
/**
* @return string
+54
@@ -0,0 +1,54 @@
<?php
namespace Appwrite\Network\Validator;
use Utopia\Validator;
/**
* Domain
*
* Validate that an variable is a valid domain address
*
* @package Utopia\Validator
*/
class Domain extends Validator
{
/**
* Get Description
*
* Returns validator description
*
* @return string
*/
public function getDescription()
{
return 'Value must be a valid domain';
}
/**
* Is valid
*
* Validation will pass when $value is valid domain.
*
* Validates domain names against RFC 1034, RFC 1035, RFC 952, RFC 1123, RFC 2732, RFC 2181, and RFC 1123.
*
* @param mixed $value
* @return bool
*/
public function isValid($value)
{
if(empty($value)) {
return false;
}
if(!is_string($value)) {
return false;
}
if (\filter_var($value, FILTER_VALIDATE_DOMAIN) === false) {
return false;
}
return true;
}
}
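Review bot: `isValid()` relies on `\filter_var($value, FILTER_VALIDATE_DOMAIN)` without `FILTER_FLAG_HOSTNAME`, which as documented checks only label and total length, so strings containing spaces, slashes or markup characters would be accepted as a valid domain. The tests added in this commit expect underscores to pass, so the hostname flag alone would not fit. An explicit allowlist before the filter call, such as `if (!\preg_match('/^[A-Za-z0-9._-]+$/', $value)) { return false; }`, keeps that behaviour while rejecting everything else. The docblock should then describe what is actually enforced rather than list the RFCs (RFC 1123 appears twice), and `@package Utopia\Validator` should match the `Appwrite\Network\Validator` namespace. The negative cases in `testIsValid()` cover only empty and non-string values, so one assertion with a disallowed character would pin this down.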
@@ -0,0 +1,46 @@
<?php
namespace Appwrite\Tests;
use Appwrite\Network\Validator\Domain;
use PHPUnit\Framework\TestCase;
class DomainTest extends TestCase
{
/**
* @var Domain
*/
protected $domain = null;
public function setUp()
{
$this->domain = new Domain();
}
public function tearDown()
{
$this->domain = null;
}
public function testIsValid()
{
// Assertions
$this->assertEquals(true, $this->domain->isValid('example.com'));
$this->assertEquals(true, $this->domain->isValid('subdomain.example.com'));
$this->assertEquals(true, $this->domain->isValid('subdomain.example-app.com'));
$this->assertEquals(true, $this->domain->isValid('subdomain.example_app.com'));
$this->assertEquals(true, $this->domain->isValid('subdomain-new.example.com'));
$this->assertEquals(true, $this->domain->isValid('subdomain_new.example.com'));
$this->assertEquals(true, $this->domain->isValid('localhost'));
$this->assertEquals(true, $this->domain->isValid('appwrite.io'));
$this->assertEquals(true, $this->domain->isValid('appwrite.org'));
$this->assertEquals(true, $this->domain->isValid('appwrite.org'));
$this->assertEquals(false, $this->domain->isValid(false));
$this->assertEquals(false, $this->domain->isValid('.'));
$this->assertEquals(false, $this->domain->isValid('..'));
$this->assertEquals(false, $this->domain->isValid(''));
$this->assertEquals(false, $this->domain->isValid(['string', 'string']));
$this->assertEquals(false, $this->domain->isValid(1));
$this->assertEquals(false, $this->domain->isValid(1.2));
}
}