Merge remote-tracking branch 'origin/refactor-usage-sn' into fix-identities-query-to-use-internal-ids

2026-05-23 08:58:35 +00:00 · 2024-03-18 08:55:30 +00:00 · 2024-03-18 08:55:30 +00:00 · 2a6da11842
commit 2a6da11842
parent c849ff0b0f a75ce14218
2 changed files with 10 additions and 10 deletions
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@ -694,7 +694,7 @@ App::get('/v1/teams/:teamId/memberships')
        }

        // Set internal queries
-        $queries[] = Query::equal('teamId', [$teamId]);
+        $queries[] = Query::equal('teamInternalId', [$team->getInternalId()]);

        // Get cursor document if there was a cursor query
        $cursor = \array_filter($queries, function ($query) {
@ -894,16 +894,16 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
            throw new Exception(Exception::MEMBERSHIP_NOT_FOUND);
        }

-        if ($membership->getAttribute('teamId') !== $teamId) {
-            throw new Exception(Exception::TEAM_MEMBERSHIP_MISMATCH);
-        }
-
        $team = Authorization::skip(fn() => $dbForProject->getDocument('teams', $teamId));

        if ($team->isEmpty()) {
            throw new Exception(Exception::TEAM_NOT_FOUND);
        }

+        if ($membership->getAttribute('teamInternalId') !== $team->getInternalId()) {
+            throw new Exception(Exception::TEAM_MEMBERSHIP_MISMATCH);
+        }
+
        if (Auth::hash($secret) !== $membership->getAttribute('secret')) {
            throw new Exception(Exception::TEAM_INVALID_SECRET);
        }
@ -1020,10 +1020,6 @@ App::delete('/v1/teams/:teamId/memberships/:membershipId')
            throw new Exception(Exception::TEAM_INVITE_NOT_FOUND);
        }

-        if ($membership->getAttribute('teamId') !== $teamId) {
-            throw new Exception(Exception::TEAM_MEMBERSHIP_MISMATCH);
-        }
-
        $user = $dbForProject->getDocument('users', $membership->getAttribute('userId'));

        if ($user->isEmpty()) {
@ -1036,6 +1032,10 @@ App::delete('/v1/teams/:teamId/memberships/:membershipId')
            throw new Exception(Exception::TEAM_NOT_FOUND);
        }

+        if ($membership->getAttribute('teamInternalId') !== $team->getInternalId()) {
+            throw new Exception(Exception::TEAM_MEMBERSHIP_MISMATCH);
+        }
+
        $dbForProject->deleteDocument('memberships', $membership->getId());
        $dbForProject->deleteCachedDocument('users', $user->getId());

--- a/app/init.php
+++ b/app/init.php
@ -1034,7 +1034,7 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
    }

    if (APP_MODE_ADMIN === $mode) {
-        if ($user->find('teamId', $project->getAttribute('teamId'), 'memberships')) {
+        if ($user->find('teamInternalId', $project->getAttribute('teamInternalId'), 'memberships')) {
            Authorization::setDefaultStatus(false);  // Cancel security segmentation for admin users.
        } else {
            $user = new Document([]);