fix: permission
This commit is contained in:
FoskyM
parent
9db7eec2cf
commit
6b4c5ef703
3 changed files with 42 additions and 1 deletions
|
|
@ -217,6 +217,7 @@ img.oauth-scope-object {
|
||||||
font-weight: 800;
|
font-weight: 800;
|
||||||
color: #382e2e;
|
color: #382e2e;
|
||||||
margin-block-end: 0;
|
margin-block-end: 0;
|
||||||
|
font-size: 12px;
|
||||||
}
|
}
|
||||||
|
|
||||||
.oauth-scope-body small {
|
.oauth-scope-body small {
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Tobscure\JsonApi\Document;
|
use Tobscure\JsonApi\Document;
|
||||||
use FoskyM\OAuthCenter\Models\Scope;
|
use FoskyM\OAuthCenter\Models\Scope;
|
||||||
use FoskyM\OAuthCenter\Api\Serializer\ScopeSerializer;
|
use FoskyM\OAuthCenter\Api\Serializer\ScopeSerializer;
|
||||||
|
use FoskyM\OAuthCenter\Api\Serializer\ScopeUserSerializer;
|
||||||
|
|
||||||
class ListScopeController extends AbstractListController
|
class ListScopeController extends AbstractListController
|
||||||
{
|
{
|
||||||
|
|
@ -16,7 +17,15 @@ class ListScopeController extends AbstractListController
|
||||||
protected function data(ServerRequestInterface $request, Document $document)
|
protected function data(ServerRequestInterface $request, Document $document)
|
||||||
{
|
{
|
||||||
$actor = RequestUtil::getActor($request);
|
$actor = RequestUtil::getActor($request);
|
||||||
|
try {
|
||||||
$actor->assertAdmin();
|
$actor->assertAdmin();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$actor->assertRegistered();
|
||||||
|
if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) {
|
||||||
|
return [];
|
||||||
|
}
|
||||||
|
$this->serializer = ScopeUserSerializer::class;
|
||||||
|
}
|
||||||
|
|
||||||
return Scope::all();
|
return Scope::all();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
31
src/Api/Serializer/ScopeUserSerializer.php
Normal file
31
src/Api/Serializer/ScopeUserSerializer.php
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace FoskyM\OAuthCenter\Api\Serializer;
|
||||||
|
|
||||||
|
use Flarum\Api\Serializer\AbstractSerializer;
|
||||||
|
use FoskyM\OAuthCenter\Models\Scope;
|
||||||
|
use InvalidArgumentException;
|
||||||
|
|
||||||
|
class ScopeUserSerializer extends AbstractSerializer
|
||||||
|
{
|
||||||
|
protected $type = 'oauth-scopes';
|
||||||
|
|
||||||
|
protected function getDefaultAttributes($model)
|
||||||
|
{
|
||||||
|
if (!($model instanceof Scope)) {
|
||||||
|
throw new InvalidArgumentException(
|
||||||
|
get_class($this) . ' can only serialize instances of ' . Scope::class
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// See https://docs.flarum.org/extend/api.html#serializers for more information.
|
||||||
|
|
||||||
|
return [
|
||||||
|
"scope" => $model->scope,
|
||||||
|
"is_default" => $model->is_default,
|
||||||
|
"scope_name" => $model->scope_name,
|
||||||
|
"scope_icon" => $model->scope_icon,
|
||||||
|
"scope_desc" => $model->scope_desc,
|
||||||
|
];
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue