From 1e62e26ef1673e8855d0aae7baf7d811e6a431f3 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 12 Jan 2025 12:42:52 +0530 Subject: [PATCH 01/10] add: `userType` and `keyName` to Audits. --- app/controllers/shared/api.php | 17 +++++++--- app/init.php | 40 ++++++++++++++++++++++++ src/Appwrite/Platform/Workers/Audits.php | 2 ++ 3 files changed, 54 insertions(+), 5 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 182151a6c3..33adb428cb 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -659,6 +659,7 @@ App::shutdown() ->inject('response') ->inject('project') ->inject('user') + ->inject('userType') ->inject('queueForEvents') ->inject('queueForAudits') ->inject('queueForUsage') @@ -670,7 +671,7 @@ App::shutdown() ->inject('queueForWebhooks') ->inject('queueForRealtime') ->inject('dbForProject') - ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Event $queueForEvents, Audit $queueForAudits, Usage $queueForUsage, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Messaging $queueForMessaging, Func $queueForFunctions, Event $queueForWebhooks, Realtime $queueForRealtime, Database $dbForProject) use ($parseLabel) { + ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Document $userType, Event $queueForEvents, Audit $queueForAudits, Usage $queueForUsage, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Messaging $queueForMessaging, Func $queueForFunctions, Event $queueForWebhooks, Realtime $queueForRealtime, Database $dbForProject) use ($parseLabel) { $responsePayload = $response->getPayload(); @@ -708,11 +709,17 @@ App::shutdown() } } - if (!$user->isEmpty()) { - $queueForAudits->setUser($user); - } + $localUserInstance = clone $user; + $localUserInstance->setAttributes([ + 'keyName' => $userType->getAttribute('key'), + 'userType' => $userType->getAttribute('type', 'user'), + ]); - if (!empty($queueForAudits->getResource()) && !empty($queueForAudits->getUser()->getId())) { + // even if the user is empty, + // set the available info when using API Key. + $queueForAudits->setUser($localUserInstance); + + if (!empty($queueForAudits->getResource())) { /** * audits.payload is switched to default true * in order to auto audit payload for all endpoints diff --git a/app/init.php b/app/init.php index 0a241813b5..43a5526f9e 100644 --- a/app/init.php +++ b/app/init.php @@ -1349,6 +1349,46 @@ App::setResource('project', function ($dbForPlatform, $request, $console) { return $project; }, ['dbForPlatform', 'request', 'console']); +App::setResource('userType', function ($request, $project, $user) { + /** @var Appwrite\Utopia\Request $request */ + /** @var Utopia\Database\Document $project */ + /** @var Utopia\Database\Document $user */ + + $userType = new Document(); + $apiKey = $request->getHeader('x-appwrite-key', ''); + + // Case 1: User exists, no API key + if (!$user->isEmpty() && empty($apiKey)) { + $userType + ->setAttribute('key', null) + ->setAttribute('type', 'user'); + return $userType; + } + + // Case 2: API key exists, user is empty + if (!empty($apiKey) && $user->isEmpty()) { + $userType->setAttribute('type', 'app'); + + // covers both legacy and new format. + $keyType = \str_contains($apiKey, '_') + ? \explode('_', $apiKey, 2)[0] + : API_KEY_STANDARD; + + switch ($keyType) { + case API_KEY_STANDARD: + $key = $project->find('secret', $apiKey, 'keys'); + $userType->setAttribute('key', $key ? $key->getAttribute('name', 'UNKNOWN') : 'UNKNOWN'); + break; + + case API_KEY_DYNAMIC: + $userType->setAttribute('key', 'dynamic'); + break; + } + } + + return $userType; +}, ['request', 'project', 'user']); + App::setResource('session', function (Document $user) { if ($user->isEmpty()) { return; diff --git a/src/Appwrite/Platform/Workers/Audits.php b/src/Appwrite/Platform/Workers/Audits.php index 86ca59d3fd..f2825abddf 100644 --- a/src/Appwrite/Platform/Workers/Audits.php +++ b/src/Appwrite/Platform/Workers/Audits.php @@ -76,6 +76,8 @@ class Audits extends Action 'userEmail' => $userEmail, 'mode' => $mode, 'data' => $auditPayload, + 'keyName' => $user->getAttribute('keyName'), + 'userType' => $user->getAttribute('userType'), ] ); } From e237f7c05d8994863bc06a35010628a9ed97c30b Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 12 Jan 2025 16:58:38 +0530 Subject: [PATCH 02/10] address comments: make things less complex. --- app/controllers/shared/api.php | 42 ++++++++++++++---------- app/init.php | 40 ---------------------- src/Appwrite/Auth/Auth.php | 6 ++++ src/Appwrite/Platform/Workers/Audits.php | 2 -- 4 files changed, 31 insertions(+), 59 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 33adb428cb..dfb491594d 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -185,13 +185,14 @@ App::init() ->inject('request') ->inject('dbForPlatform') ->inject('dbForProject') + ->inject('queueForAudits') ->inject('project') ->inject('user') ->inject('session') ->inject('servers') ->inject('mode') ->inject('team') - ->action(function (App $utopia, Request $request, Database $dbForPlatform, Database $dbForProject, Document $project, Document $user, ?Document $session, array $servers, string $mode, Document $team) { + ->action(function (App $utopia, Request $request, Database $dbForPlatform, Database $dbForProject, Audit $queueForAudits, Document $project, Document $user, ?Document $session, array $servers, string $mode, Document $team) { $route = $utopia->getRoute(); if ($project->isEmpty()) { @@ -243,9 +244,10 @@ App::init() $user = new Document([ '$id' => '', 'status' => true, + 'type' => Auth::AUDIT_TYPE_APP, 'email' => 'app.' . $project->getId() . '@service.' . $request->getHostname(), 'password' => '', - 'name' => $project->getAttribute('name', 'Untitled'), + 'name' => 'Dynamic Key', ]); $role = Auth::USER_ROLE_APPS; @@ -253,6 +255,9 @@ App::init() Authorization::setRole(Auth::USER_ROLE_APPS); Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys. + + // dynamic api key user + $queueForAudits->setUser($user); } } elseif ($keyType === API_KEY_STANDARD) { // No underline means no prefix. Backwards compatibility. @@ -264,9 +269,10 @@ App::init() $user = new Document([ '$id' => '', 'status' => true, + 'type' => Auth::AUDIT_TYPE_APP, 'email' => 'app.' . $project->getId() . '@service.' . $request->getHostname(), 'password' => '', - 'name' => $project->getAttribute('name', 'Untitled'), + 'name' => $key->getAttribute('name', 'UNKNOWN'), ]); $role = Auth::USER_ROLE_APPS; @@ -301,6 +307,8 @@ App::init() $dbForPlatform->purgeCachedDocument('projects', $project->getId()); } } + + $queueForAudits->setUser($user); } } } @@ -508,8 +516,14 @@ App::init() ->setIP($request->getIP()) ->setHostname($request->getHostname()) ->setEvent($route->getLabel('audits.event', '')) - ->setProject($project) - ->setUser($user); + ->setProject($project); + + // check first, + // as api key user might already exists + if (!$user->isEmpty()) { + $user->setAttribute('type', Auth::AUDIT_TYPE_USER); + $queueForAudits->setUser($user); + } $queueForDeletes->setProject($project); $queueForDatabase->setProject($project); @@ -659,7 +673,6 @@ App::shutdown() ->inject('response') ->inject('project') ->inject('user') - ->inject('userType') ->inject('queueForEvents') ->inject('queueForAudits') ->inject('queueForUsage') @@ -671,7 +684,7 @@ App::shutdown() ->inject('queueForWebhooks') ->inject('queueForRealtime') ->inject('dbForProject') - ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Document $userType, Event $queueForEvents, Audit $queueForAudits, Usage $queueForUsage, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Messaging $queueForMessaging, Func $queueForFunctions, Event $queueForWebhooks, Realtime $queueForRealtime, Database $dbForProject) use ($parseLabel) { + ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Event $queueForEvents, Audit $queueForAudits, Usage $queueForUsage, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Messaging $queueForMessaging, Func $queueForFunctions, Event $queueForWebhooks, Realtime $queueForRealtime, Database $dbForProject) use ($parseLabel) { $responsePayload = $response->getPayload(); @@ -709,17 +722,12 @@ App::shutdown() } } - $localUserInstance = clone $user; - $localUserInstance->setAttributes([ - 'keyName' => $userType->getAttribute('key'), - 'userType' => $userType->getAttribute('type', 'user'), - ]); + if (!$user->isEmpty()) { + $user->setAttribute('type', Auth::AUDIT_TYPE_USER); + $queueForAudits->setUser($user); + } - // even if the user is empty, - // set the available info when using API Key. - $queueForAudits->setUser($localUserInstance); - - if (!empty($queueForAudits->getResource())) { + if (!empty($queueForAudits->getResource()) && !$queueForAudits->getUser()->isEmpty()) { /** * audits.payload is switched to default true * in order to auto audit payload for all endpoints diff --git a/app/init.php b/app/init.php index 43a5526f9e..0a241813b5 100644 --- a/app/init.php +++ b/app/init.php @@ -1349,46 +1349,6 @@ App::setResource('project', function ($dbForPlatform, $request, $console) { return $project; }, ['dbForPlatform', 'request', 'console']); -App::setResource('userType', function ($request, $project, $user) { - /** @var Appwrite\Utopia\Request $request */ - /** @var Utopia\Database\Document $project */ - /** @var Utopia\Database\Document $user */ - - $userType = new Document(); - $apiKey = $request->getHeader('x-appwrite-key', ''); - - // Case 1: User exists, no API key - if (!$user->isEmpty() && empty($apiKey)) { - $userType - ->setAttribute('key', null) - ->setAttribute('type', 'user'); - return $userType; - } - - // Case 2: API key exists, user is empty - if (!empty($apiKey) && $user->isEmpty()) { - $userType->setAttribute('type', 'app'); - - // covers both legacy and new format. - $keyType = \str_contains($apiKey, '_') - ? \explode('_', $apiKey, 2)[0] - : API_KEY_STANDARD; - - switch ($keyType) { - case API_KEY_STANDARD: - $key = $project->find('secret', $apiKey, 'keys'); - $userType->setAttribute('key', $key ? $key->getAttribute('name', 'UNKNOWN') : 'UNKNOWN'); - break; - - case API_KEY_DYNAMIC: - $userType->setAttribute('key', 'dynamic'); - break; - } - } - - return $userType; -}, ['request', 'project', 'user']); - App::setResource('session', function (Document $user) { if ($user->isEmpty()) { return; diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index 1e8109622e..a2bb2dea1c 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -43,6 +43,12 @@ class Auth public const USER_ROLE_APPS = 'apps'; public const USER_ROLE_SYSTEM = 'system'; + /** + * Audit User Types. + */ + public const AUDIT_TYPE_APP = 'app'; + public const AUDIT_TYPE_USER = 'user'; + /** * Token Types. */ diff --git a/src/Appwrite/Platform/Workers/Audits.php b/src/Appwrite/Platform/Workers/Audits.php index f2825abddf..86ca59d3fd 100644 --- a/src/Appwrite/Platform/Workers/Audits.php +++ b/src/Appwrite/Platform/Workers/Audits.php @@ -76,8 +76,6 @@ class Audits extends Action 'userEmail' => $userEmail, 'mode' => $mode, 'data' => $auditPayload, - 'keyName' => $user->getAttribute('keyName'), - 'userType' => $user->getAttribute('userType'), ] ); } From f4f0b3f0fe69f035c34381fc9d8c414212f896a9 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 12 Jan 2025 17:06:27 +0530 Subject: [PATCH 03/10] add: `userType`to audit data. --- src/Appwrite/Platform/Workers/Audits.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Appwrite/Platform/Workers/Audits.php b/src/Appwrite/Platform/Workers/Audits.php index 86ca59d3fd..2c1cb488ad 100644 --- a/src/Appwrite/Platform/Workers/Audits.php +++ b/src/Appwrite/Platform/Workers/Audits.php @@ -2,6 +2,7 @@ namespace Appwrite\Platform\Workers; +use Appwrite\Auth\Auth; use Exception; use Throwable; use Utopia\Audit\Audit; @@ -60,6 +61,7 @@ class Audits extends Action $userName = $user->getAttribute('name', ''); $userEmail = $user->getAttribute('email', ''); + $userType = $user->getAttribute('type', Auth::AUDIT_TYPE_USER); $audit = new Audit($dbForProject); $audit->log( @@ -74,6 +76,7 @@ class Audits extends Action 'userId' => $user->getId(), 'userName' => $userName, 'userEmail' => $userEmail, + 'userType' => $userType, 'mode' => $mode, 'data' => $auditPayload, ] From 377627118f9fc475f8de20aa3a102559cf43062f Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 12 Jan 2025 18:27:58 +0530 Subject: [PATCH 04/10] address comments: change type names. --- app/controllers/shared/api.php | 8 ++++---- src/Appwrite/Auth/Auth.php | 6 +++--- src/Appwrite/Platform/Workers/Audits.php | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index dfb491594d..d27794d9b8 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -244,7 +244,7 @@ App::init() $user = new Document([ '$id' => '', 'status' => true, - 'type' => Auth::AUDIT_TYPE_APP, + 'type' => Auth::ACTIVITY_TYPE_APP, 'email' => 'app.' . $project->getId() . '@service.' . $request->getHostname(), 'password' => '', 'name' => 'Dynamic Key', @@ -269,7 +269,7 @@ App::init() $user = new Document([ '$id' => '', 'status' => true, - 'type' => Auth::AUDIT_TYPE_APP, + 'type' => Auth::ACTIVITY_TYPE_APP, 'email' => 'app.' . $project->getId() . '@service.' . $request->getHostname(), 'password' => '', 'name' => $key->getAttribute('name', 'UNKNOWN'), @@ -521,7 +521,7 @@ App::init() // check first, // as api key user might already exists if (!$user->isEmpty()) { - $user->setAttribute('type', Auth::AUDIT_TYPE_USER); + $user->setAttribute('type', Auth::ACTIVITY_TYPE_USER); $queueForAudits->setUser($user); } @@ -723,7 +723,7 @@ App::shutdown() } if (!$user->isEmpty()) { - $user->setAttribute('type', Auth::AUDIT_TYPE_USER); + $user->setAttribute('type', Auth::ACTIVITY_TYPE_USER); $queueForAudits->setUser($user); } diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index a2bb2dea1c..c8ce06a323 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -44,10 +44,10 @@ class Auth public const USER_ROLE_SYSTEM = 'system'; /** - * Audit User Types. + * Activity associated with user or the app. */ - public const AUDIT_TYPE_APP = 'app'; - public const AUDIT_TYPE_USER = 'user'; + public const ACTIVITY_TYPE_APP = 'app'; + public const ACTIVITY_TYPE_USER = 'user'; /** * Token Types. diff --git a/src/Appwrite/Platform/Workers/Audits.php b/src/Appwrite/Platform/Workers/Audits.php index 2c1cb488ad..c0bcab1c3a 100644 --- a/src/Appwrite/Platform/Workers/Audits.php +++ b/src/Appwrite/Platform/Workers/Audits.php @@ -61,7 +61,7 @@ class Audits extends Action $userName = $user->getAttribute('name', ''); $userEmail = $user->getAttribute('email', ''); - $userType = $user->getAttribute('type', Auth::AUDIT_TYPE_USER); + $userType = $user->getAttribute('type', Auth::ACTIVITY_TYPE_USER); $audit = new Audit($dbForProject); $audit->log( From e9479db0fa6dd717642b463d8e9aeabb01351312 Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 14 Jan 2025 13:18:11 +0530 Subject: [PATCH 05/10] add: anonymous user type to audit/activity. --- app/controllers/shared/api.php | 20 ++++++++++++++++++++ src/Appwrite/Auth/Auth.php | 1 + 2 files changed, 21 insertions(+) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index d27794d9b8..6a0e4a34fa 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -308,6 +308,7 @@ App::init() } } + // standard api key user $queueForAudits->setUser($user); } } @@ -724,6 +725,25 @@ App::shutdown() if (!$user->isEmpty()) { $user->setAttribute('type', Auth::ACTIVITY_TYPE_USER); + $queueForAudits->setUser($user); + } elseif ($queueForAudits->getUser() === null || $queueForAudits->getUser()->isEmpty()) { + /** + * User in the request is empty, and no user was set for auditing previously. + * This indicates: + * - No API Key was used. + * - No active session exists. + * + * Therefore, we consider this an anonymous request and create a relevant user. + */ + $user = new Document([ + '$id' => '', + 'status' => true, + 'type' => Auth::ACTIVITY_TYPE_ANONYMOUS, + 'email' => 'anonymous.' . $project->getId() . '@service.' . $request->getHostname(), + 'password' => '', + 'name' => 'Anonymous', + ]); + $queueForAudits->setUser($user); } diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index c8ce06a323..caa1e23478 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -48,6 +48,7 @@ class Auth */ public const ACTIVITY_TYPE_APP = 'app'; public const ACTIVITY_TYPE_USER = 'user'; + public const ACTIVITY_TYPE_ANONYMOUS = 'anonymous'; /** * Token Types. From fabf581d21e8641c8e042b20a8bf094893fc0028 Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 14 Jan 2025 13:47:01 +0530 Subject: [PATCH 06/10] fix: tests. --- app/controllers/shared/api.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 6a0e4a34fa..a88615e729 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -522,8 +522,10 @@ App::init() // check first, // as api key user might already exists if (!$user->isEmpty()) { - $user->setAttribute('type', Auth::ACTIVITY_TYPE_USER); - $queueForAudits->setUser($user); + $typedUser = clone $user; + // $user doesn't support `type` and can cause unintended effects. + $typedUser->setAttribute('type', Auth::ACTIVITY_TYPE_USER); + $queueForAudits->setUser($typedUser); } $queueForDeletes->setProject($project); @@ -724,8 +726,10 @@ App::shutdown() } if (!$user->isEmpty()) { - $user->setAttribute('type', Auth::ACTIVITY_TYPE_USER); - $queueForAudits->setUser($user); + $typedUser = clone $user; + // $user doesn't support `type` and can cause unintended effects. + $typedUser->setAttribute('type', Auth::ACTIVITY_TYPE_USER); + $queueForAudits->setUser($typedUser); } elseif ($queueForAudits->getUser() === null || $queueForAudits->getUser()->isEmpty()) { /** * User in the request is empty, and no user was set for auditing previously. From 25431adafb3229f968d6bde2fd55fbba2e072f2c Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 14 Jan 2025 17:45:49 +0530 Subject: [PATCH 07/10] address comment: anonymous > guest. --- app/controllers/shared/api.php | 6 +++--- src/Appwrite/Auth/Auth.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index a88615e729..6c90e6ed60 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -742,10 +742,10 @@ App::shutdown() $user = new Document([ '$id' => '', 'status' => true, - 'type' => Auth::ACTIVITY_TYPE_ANONYMOUS, - 'email' => 'anonymous.' . $project->getId() . '@service.' . $request->getHostname(), + 'type' => Auth::ACTIVITY_TYPE_GUEST, + 'email' => 'guest.' . $project->getId() . '@service.' . $request->getHostname(), 'password' => '', - 'name' => 'Anonymous', + 'name' => 'Guest', ]); $queueForAudits->setUser($user); diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index caa1e23478..8555d5cb00 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -48,7 +48,7 @@ class Auth */ public const ACTIVITY_TYPE_APP = 'app'; public const ACTIVITY_TYPE_USER = 'user'; - public const ACTIVITY_TYPE_ANONYMOUS = 'anonymous'; + public const ACTIVITY_TYPE_GUEST = 'guest'; /** * Token Types. From f8f403a66aa421b6053244899c1c08ad252b8b95 Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 21 Jan 2025 12:02:08 +0530 Subject: [PATCH 08/10] remove: comments. --- app/controllers/shared/api.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index b231903d8e..012ff3d420 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -259,7 +259,6 @@ App::init() Authorization::setRole(Auth::USER_ROLE_APPS); Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys. - // dynamic api key user $queueForAudits->setUser($user); } } elseif ($keyType === API_KEY_STANDARD) { @@ -311,7 +310,6 @@ App::init() } } - // standard api key user $queueForAudits->setUser($user); } } From 3c3559aee5be3d814cc7e5b7bb7e0b40be2db1b1 Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 21 Jan 2025 12:07:03 +0530 Subject: [PATCH 09/10] update: apply comment suggestion. --- app/controllers/shared/api.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 012ff3d420..086129f116 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -520,8 +520,7 @@ App::init() ->setEvent($route->getLabel('audits.event', '')) ->setProject($project); - // check first, - // as api key user might already exists + /* If a session exists, use the user associated with the session */ if (!$user->isEmpty()) { $typedUser = clone $user; // $user doesn't support `type` and can cause unintended effects. From bc533aeeaacf0ad279a754305622e1efbe0e6392 Mon Sep 17 00:00:00 2001 From: Darshan Date: Tue, 21 Jan 2025 12:11:20 +0530 Subject: [PATCH 10/10] update: change var name. --- app/controllers/shared/api.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 086129f116..dafebb735d 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -522,10 +522,10 @@ App::init() /* If a session exists, use the user associated with the session */ if (!$user->isEmpty()) { - $typedUser = clone $user; + $userClone = clone $user; // $user doesn't support `type` and can cause unintended effects. - $typedUser->setAttribute('type', Auth::ACTIVITY_TYPE_USER); - $queueForAudits->setUser($typedUser); + $userClone->setAttribute('type', Auth::ACTIVITY_TYPE_USER); + $queueForAudits->setUser($userClone); } $queueForDeletes->setProject($project); @@ -734,10 +734,10 @@ App::shutdown() } if (!$user->isEmpty()) { - $typedUser = clone $user; + $userClone = clone $user; // $user doesn't support `type` and can cause unintended effects. - $typedUser->setAttribute('type', Auth::ACTIVITY_TYPE_USER); - $queueForAudits->setUser($typedUser); + $userClone->setAttribute('type', Auth::ACTIVITY_TYPE_USER); + $queueForAudits->setUser($userClone); } elseif ($queueForAudits->getUser() === null || $queueForAudits->getUser()->isEmpty()) { /** * User in the request is empty, and no user was set for auditing previously.