fix: permission
This commit is contained in:
parent
9db7eec2cf
commit
6b4c5ef703
3 changed files with 42 additions and 1 deletions
|
@ -217,6 +217,7 @@ img.oauth-scope-object {
|
|||
font-weight: 800;
|
||||
color: #382e2e;
|
||||
margin-block-end: 0;
|
||||
font-size: 12px;
|
||||
}
|
||||
|
||||
.oauth-scope-body small {
|
||||
|
|
|
@ -9,6 +9,7 @@ use Psr\Http\Message\ServerRequestInterface;
|
|||
use Tobscure\JsonApi\Document;
|
||||
use FoskyM\OAuthCenter\Models\Scope;
|
||||
use FoskyM\OAuthCenter\Api\Serializer\ScopeSerializer;
|
||||
use FoskyM\OAuthCenter\Api\Serializer\ScopeUserSerializer;
|
||||
|
||||
class ListScopeController extends AbstractListController
|
||||
{
|
||||
|
@ -16,7 +17,15 @@ class ListScopeController extends AbstractListController
|
|||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$actor->assertAdmin();
|
||||
try {
|
||||
$actor->assertAdmin();
|
||||
} catch (\Exception $e) {
|
||||
$actor->assertRegistered();
|
||||
if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) {
|
||||
return [];
|
||||
}
|
||||
$this->serializer = ScopeUserSerializer::class;
|
||||
}
|
||||
|
||||
return Scope::all();
|
||||
}
|
||||
|
|
31
src/Api/Serializer/ScopeUserSerializer.php
Normal file
31
src/Api/Serializer/ScopeUserSerializer.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
namespace FoskyM\OAuthCenter\Api\Serializer;
|
||||
|
||||
use Flarum\Api\Serializer\AbstractSerializer;
|
||||
use FoskyM\OAuthCenter\Models\Scope;
|
||||
use InvalidArgumentException;
|
||||
|
||||
class ScopeUserSerializer extends AbstractSerializer
|
||||
{
|
||||
protected $type = 'oauth-scopes';
|
||||
|
||||
protected function getDefaultAttributes($model)
|
||||
{
|
||||
if (!($model instanceof Scope)) {
|
||||
throw new InvalidArgumentException(
|
||||
get_class($this) . ' can only serialize instances of ' . Scope::class
|
||||
);
|
||||
}
|
||||
|
||||
// See https://docs.flarum.org/extend/api.html#serializers for more information.
|
||||
|
||||
return [
|
||||
"scope" => $model->scope,
|
||||
"is_default" => $model->is_default,
|
||||
"scope_name" => $model->scope_name,
|
||||
"scope_icon" => $model->scope_icon,
|
||||
"scope_desc" => $model->scope_desc,
|
||||
];
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue