From 0b344e182c02e4adda687d8ce683091f16aca88d Mon Sep 17 00:00:00 2001
From: Torsten Dittmann <torsten.dittmann@googlemail.com>
Date: Fri, 3 Sep 2021 17:07:09 +0200
Subject: [PATCH] feat(Auth): improve getRoles method

---
 src/Appwrite/Auth/Auth.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php
index 7fd402f5bd..1f75a55204 100644
--- a/src/Appwrite/Auth/Auth.php
+++ b/src/Appwrite/Auth/Auth.php
@@ -3,6 +3,7 @@
 namespace Appwrite\Auth;
 
 use Appwrite\Database\Document;
+use Appwrite\Database\Validator\Authorization;
 
 class Auth
 {
@@ -282,11 +283,13 @@ class Auth
      */
     public static function getRoles(Document $user): array
     {
-        if ($user->getId()) {
-            $roles[] = 'user:'.$user->getId();
-            $roles[] = 'role:'.Auth::USER_ROLE_MEMBER;
-        } else {
-            return ['role:'.Auth::USER_ROLE_GUEST];
+        if (self::isPrivilegedUser(Authorization::$roles) || self::isAppUser(Authorization::$roles)) {
+            if ($user->getId()) {
+                $roles[] = 'user:'.$user->getId();
+                $roles[] = 'role:'.Auth::USER_ROLE_MEMBER;
+            } else {
+                return ['role:'.Auth::USER_ROLE_GUEST];
+            }
         }
 
         foreach ($user->getAttribute('memberships', []) as $node) {