Appwrite/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite.git synced 2026-05-26 13:51:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix scope check

Browse Source
This commit is contained in:
Damodar Lohani
2025-09-11 06:51:01 +00:00
parent 55bebd92f3
commit 6d19d76bac
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/shared/api.php
+3 -3
View File
@@ -434,9 +434,9 @@ App::init()
}
// Step 9: Validate scope permissions
$scope = $route->getLabel('scope', 'none');
if (!\in_array($scope, $scopes)) {
throw new Exception(Exception::GENERAL_UNAUTHORIZED_SCOPE, $user->getAttribute('email', 'User') . ' (role: ' . \strtolower($roles[$role]['label']) . ') missing scope (' . $scope . ')');
$allowed = (array)$route->getLabel('scope', 'none');
if (empty(\array_intersect($allowed, $scopes))) {
throw new Exception(Exception::GENERAL_UNAUTHORIZED_SCOPE, $user->getAttribute('email', 'User') . ' (role: ' . \strtolower($roles[$role]['label']) . ') missing scopes (' . \json_encode($allowed) . ')');
}
// Step 10: Check if user is blocked