mirror of
https://github.com/appwrite/appwrite
synced 2026-05-06 06:48:22 +00:00
Jake Barnby
GitHub
commit
4d0ca798a7
51 changed files with 53 additions and 54 deletions
|
|
@ -379,9 +379,9 @@ App::init()
|
|||
}
|
||||
|
||||
// Do now allow access if scope is not allowed
|
||||
$scope = $route->getLabel('scope', 'none');
|
||||
if (!\in_array($scope, $scopes)) {
|
||||
throw new Exception(Exception::GENERAL_UNAUTHORIZED_SCOPE, $user->getAttribute('email', 'User') . ' (role: ' . \strtolower($roles[$role]['label']) . ') missing scope (' . $scope . ')');
|
||||
$allowed = (array)$route->getLabel('scope', 'none');
|
||||
if (empty(\array_intersect($allowed, $scopes))) {
|
||||
throw new Exception(Exception::GENERAL_UNAUTHORIZED_SCOPE, $user->getAttribute('email', 'User') . ' (role: ' . \strtolower($roles[$role]['label']) . ') missing scopes (' . \json_encode($allowed) . ')');
|
||||
}
|
||||
|
||||
// Do not allow access to blocked accounts
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends BooleanCreate
|
|||
->desc('Create boolean column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'column.create')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Update extends BooleanUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/boolean/:key')
|
||||
->desc('Update boolean column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Create extends DatetimeCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/datetime')
|
||||
->desc('Create datetime column')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ class Update extends DatetimeUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/datetime/:key')
|
||||
->desc('Update dateTime column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Delete extends AttributesDelete
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/:key')
|
||||
->desc('Delete column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.delete')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends EmailCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/email')
|
||||
->desc('Create email column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends EmailUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/email/:key')
|
||||
->desc('Update email column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Create extends EnumCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/enum')
|
||||
->desc('Create enum column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ class Update extends EnumUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/enum/:key')
|
||||
->desc('Update enum column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends FloatCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/float')
|
||||
->desc('Create float column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends FloatUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/float/:key')
|
||||
->desc('Update float column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ class Get extends AttributesGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/:key')
|
||||
->desc('Get column')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends IPCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/ip')
|
||||
->desc('Create IP address column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends IPUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/ip/:key')
|
||||
->desc('Update IP address column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends IntegerCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/integer')
|
||||
->desc('Create integer column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends IntegerUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/integer/:key')
|
||||
->desc('Update integer column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Create extends RelationshipCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/relationship')
|
||||
->desc('Create relationship column')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Update extends RelationshipUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/:key/relationship')
|
||||
->desc('Update relationship column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Create extends StringCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/string')
|
||||
->desc('Create string column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ class Update extends StringUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/string/:key')
|
||||
->desc('Update string column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Create extends URLCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/url')
|
||||
->desc('Create URL column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].create')
|
||||
->label('audits.event', 'column.create')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends URLUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns/url/:key')
|
||||
->desc('Update URL column')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].columns.[columnId].update')
|
||||
->label('audits.event', 'column.update')
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class XList extends AttributesXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/columns')
|
||||
->desc('List columns')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ class Create extends CollectionCreate
|
|||
->desc('Create table')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].create')
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'table.create')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{response.$id}')
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class Delete extends CollectionDelete
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId')
|
||||
->desc('Delete table')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].delete')
|
||||
->label('audits.event', 'table.delete')
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class Get extends CollectionGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId')
|
||||
->desc('Get table')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ class Create extends IndexCreate
|
|||
->desc('Create index')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].indexes.[indexId].create')
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'index.create')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ class Delete extends IndexDelete
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/indexes/:key')
|
||||
->desc('Delete index')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].indexes.[indexId].update')
|
||||
->label('audits.event', 'index.delete')
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ class Get extends IndexGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/indexes/:key')
|
||||
->desc('Get index')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ class XList extends IndexXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/indexes')
|
||||
->desc('List indexes')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ class XList extends CollectionLogXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/logs')
|
||||
->desc('List table logs')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Delete extends DocumentsDelete
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows')
|
||||
->desc('Delete rows')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'rows.delete')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Update extends DocumentsUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows')
|
||||
->desc('Update rows')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'rows.update')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Upsert extends DocumentsUpsert
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows')
|
||||
->desc('Create or update rows')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'row.create')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Decrement extends DecrementDocumentAttribute
|
|||
->desc('Decrement row column')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].rows.[rowId].update')
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'rows.update')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Increment extends IncrementDocumentAttribute
|
|||
->desc('Increment row column')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].rows.[rowId].update')
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'rows.update')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ class Create extends DocumentCreate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows')
|
||||
->desc('Create row')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'row.create')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}')
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ class Delete extends DocumentDelete
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows/:rowId')
|
||||
->desc('Delete row')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].rows.[rowId].delete')
|
||||
->label('audits.event', 'row.delete')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class Get extends DocumentGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows/:rowId')
|
||||
->desc('Get row')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.read')
|
||||
->label('scope', ['rows.read', 'documents.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ class XList extends DocumentLogXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows/:rowId/logs')
|
||||
->desc('List row logs')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.read')
|
||||
->label('scope', ['rows.read', 'documents.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Update extends DocumentUpdate
|
|||
->desc('Update row')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].rows.[rowId].update')
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'row.update')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}/row/{response.$id}')
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class Upsert extends DocumentUpsert
|
|||
->desc('Create or update a row')
|
||||
->groups(['api', 'database'])
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].rows.[rowId].upsert')
|
||||
->label('scope', 'rows.write')
|
||||
->label('scope', ['rows.write', 'documents.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('audits.event', 'row.upsert')
|
||||
->label('audits.resource', 'database/{request.databaseId}/table/{request.tableId}/row/{response.$id}')
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class XList extends DocumentXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/rows')
|
||||
->desc('List rows')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'rows.read')
|
||||
->label('scope', ['rows.read', 'documents.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class Update extends CollectionUpdate
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId')
|
||||
->desc('Update table')
|
||||
->groups(['api', 'database', 'schema'])
|
||||
->label('scope', 'tables.write')
|
||||
->label('scope', ['tables.write', 'collections.write'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('event', 'databases.[databaseId].tables.[tableId].update')
|
||||
->label('audits.event', 'table.update')
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ class Get extends CollectionUsageGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables/:tableId/usage')
|
||||
->desc('Get table usage stats')
|
||||
->groups(['api', 'database', 'usage'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class XList extends CollectionXList
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/tables')
|
||||
->desc('List tables')
|
||||
->groups(['api', 'database'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', new Method(
|
||||
namespace: $this->getSdkNamespace(),
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ class Get extends DatabaseUsageGet
|
|||
->setHttpPath('/v1/tablesdb/:databaseId/usage')
|
||||
->desc('Get TablesDB usage stats')
|
||||
->groups(['api', 'database', 'usage'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', [
|
||||
new Method(
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ class XList extends DatabaseUsageXList
|
|||
->setHttpPath('/v1/tablesdb/usage')
|
||||
->desc('Get TablesDB usage stats')
|
||||
->groups(['api', 'database', 'usage'])
|
||||
->label('scope', 'tables.read')
|
||||
->label('scope', ['tables.read', 'collections.read'])
|
||||
->label('resourceType', RESOURCE_TYPE_DATABASES)
|
||||
->label('sdk', [
|
||||
new Method(
|
||||
|
|
|
|||
|
|
@ -349,11 +349,10 @@ class Swagger2 extends Format
|
|||
}
|
||||
}
|
||||
|
||||
if (!empty($scope)) { // && 'public' != $scope
|
||||
if (!empty($scope)) {
|
||||
$securities = ['Project' => []];
|
||||
|
||||
foreach ($sdk->getAuth() as $security) {
|
||||
/** @var AuthType $security */
|
||||
if (\array_key_exists($security->value, $this->keys)) {
|
||||
$securities[$security->value] = [];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class ScopeTest extends Scope
|
|||
'x-appwrite-key' => $apiKey,
|
||||
], $gqlPayload);
|
||||
|
||||
$message = "app.{$projectId}@service.localhost (role: applications) missing scope (databases.write)";
|
||||
$message = "app.{$projectId}@service.localhost (role: applications) missing scopes ([\"databases.write\"])";
|
||||
$this->assertArrayHasKey('errors', $database['body']);
|
||||
$this->assertEquals($message, $database['body']['errors'][0]['message']);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue