chore: add stricter checks according to review

Chirag Aggarwal 2025-04-18 15:32:25 +00:00
parent ba22e5f457
commit d130e7d3bd
7 changed files with 13 additions and 12 deletions


@ -954,7 +954,7 @@ App::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$isToken = !$resourceToken->isEmpty() && $resourceToken->getAttribute('bucketInternalId') == $bucket->getInternalId();
$isToken = !$resourceToken->isEmpty() && $resourceToken->getAttribute('bucketInternalId') === $bucket->getInternalId();
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
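Review bot: The new `===` on `bucketInternalId` only works if the stored token attribute and `$bucket->getInternalId()` have the same PHP type; if one is an int and the other a string, `$isToken` is always false and token-based access silently stops working. The same comparison is changed in the `App::init()` hunk. The types are not visible here, so confirm them or add a test that a valid token for this bucket still sets `$isToken` to true. A short comment such as `// both sides are internal-id strings; strict compare avoids loose null/'' matches` would record the assumption. The route handler continues outside the hunk.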


@ -542,7 +542,7 @@ App::init()
$bucketId = $parts[1] ?? null;
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isToken = !$resourceToken->isEmpty() && $resourceToken->getAttribute('bucketInternalId') == $bucket->getInternalId();
$isToken = !$resourceToken->isEmpty() && $resourceToken->getAttribute('bucketInternalId') === $bucket->getInternalId();
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());


@ -861,7 +861,7 @@ App::setResource('resourceToken', function ($project, $dbForProject, $request) {
$token = Authorization::skip(fn () => $dbForProject->getDocument('resourceTokens', $tokenId));
if ($token->isEmpty() || $token->getAttribute('secret') != $secret) {
if ($token->isEmpty() || $token->getAttribute('secret') !== $secret) {
return new Document([]);
}
@ -869,7 +869,7 @@ App::setResource('resourceToken', function ($project, $dbForProject, $request) {
$internalIds = explode(':', $token->getAttribute('resourceInternalId'));
$ids = explode(':', $token->getAttribute('resourceId'));
if (count($internalIds) != 2 || count($ids) != 2) {
if (count($internalIds) !== 2 || count($ids) !== 2) {
return new Document([]);
}
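Review bot: In the first hunk, `$token->getAttribute('secret') !== $secret` is type-strict but still a non-constant-time comparison of a credential; `hash_equals()` is the usual primitive for comparing secrets. Since `hash_equals()` throws on non-string arguments, guard both sides: `$stored = $token->getAttribute('secret');` followed by `if ($token->isEmpty() || !\is_string($stored) || !\is_string($secret) || !\hash_equals($stored, $secret)) {`. This keeps the fail-closed result for a missing or non-string secret. How `$secret` is derived lies outside the hunk, so part of the type guard may already be covered there.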


@ -82,12 +82,13 @@ class Create extends Action
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$validator = new Authorization(Database::PERMISSION_UPDATE);
$bucketPermission = $validator->isValid($bucket->getUpdate());
if (!$fileSecurity && !$bucketPermission) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
$filePermission = $validator->isValid($file->getUpdate());
if ($fileSecurity && !$bucketPermission && !$filePermission) {
if ($fileSecurity) {
$filePermission = $validator->isValid($file->getUpdate());
if (!$bucketPermission && !$filePermission) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
} elseif (!$bucketPermission) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
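Review bot: `$filePermission` is now assigned only inside the `if ($fileSecurity)` branch, so any later read of it when file security is off would hit an undefined variable. The rest of the method is outside the hunk, so this needs checking against the full file. As far as the visible lines show, the restructured conditions reject the same cases as the removed ones. A one-line comment above the block would make the rule explicit, e.g. `// File security on: update permission on the bucket or the file suffices; off: bucket permission is required`.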


@ -66,7 +66,7 @@ class Get extends Action
// calculate maxAge based on expiry date
$maxAge = PHP_INT_MAX;
$expire = $token->getAttribute('expire');
if ($expire != null) {
if ($expire !== null) {
$now = new \DateTime();
$expiryDate = new \DateTime($expire);
if ($expiryDate < $now) {
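Review bot: With `$expire !== null`, an empty-string `expire` now enters the branch and reaches `new \DateTime($expire)`, which parses `''` as the current time. The old loose check treated that value as "no expiry" and left `$maxAge` at `PHP_INT_MAX`. Whether the attribute can ever be `''` is not visible in this hunk. If it can, `if ($expire !== null && $expire !== '') {` keeps the previous meaning; otherwise reject the value explicitly. The maxAge calculation continues outside the hunk.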


@ -177,7 +177,7 @@ class OpenAPI3 extends Format
$namespace = $sdk->getNamespace() ?? 'default';
$desc = $desc ?? '';
$desc ??= '';
$descContents = \str_ends_with($desc, '.md') ? \file_get_contents($desc) : $desc;
$temp = [


@ -173,7 +173,7 @@ class Swagger2 extends Format
$namespace = $sdk->getNamespace() ?? 'default';
$desc = $desc ?? '';
$desc ??= '';
$descContents = \str_ends_with($desc, '.md') ? \file_get_contents($desc) : $desc;
$temp = [