rain-plus/forum-oauth-center
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity

Merge pull request #7 from FoskyM/bugfix/6-user-group

Browse source 
fix: permission
This commit is contained in:
FoskyM 2023-12-07 11:01:07 +08:00 committed by GitHub
commit bd4402f98c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 42 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
less/forum/oauth.less
View file

@ -217,6 +217,7 @@ img.oauth-scope-object {
font-weight: 800; font-weight: 800;
color: #382e2e; color: #382e2e;
margin-block-end: 0; margin-block-end: 0;
font-size: 12px;
} }
.oauth-scope-body small { .oauth-scope-body small {

9
src/Api/Controller/ListScopeController.php
View file

@ -9,6 +9,7 @@ use Psr\Http\Message\ServerRequestInterface;
use Tobscure\JsonApi\Document; use Tobscure\JsonApi\Document;
use FoskyM\OAuthCenter\Models\Scope; use FoskyM\OAuthCenter\Models\Scope;
use FoskyM\OAuthCenter\Api\Serializer\ScopeSerializer; use FoskyM\OAuthCenter\Api\Serializer\ScopeSerializer;
use FoskyM\OAuthCenter\Api\Serializer\ScopeUserSerializer;
class ListScopeController extends AbstractListController class ListScopeController extends AbstractListController
{ {
@ -16,7 +17,15 @@ class ListScopeController extends AbstractListController
protected function data(ServerRequestInterface $request, Document $document) protected function data(ServerRequestInterface $request, Document $document)
{ {
$actor = RequestUtil::getActor($request); $actor = RequestUtil::getActor($request);
try {
$actor->assertAdmin(); $actor->assertAdmin();
} catch (\Exception $e) {
$actor->assertRegistered();
if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) {
return [];
}
$this->serializer = ScopeUserSerializer::class;
}
return Scope::all(); return Scope::all();
} }

31
src/Api/Serializer/ScopeUserSerializer.php Normal file
View file

@ -0,0 +1,31 @@
<?php
namespace FoskyM\OAuthCenter\Api\Serializer;
use Flarum\Api\Serializer\AbstractSerializer;
use FoskyM\OAuthCenter\Models\Scope;
use InvalidArgumentException;
class ScopeUserSerializer extends AbstractSerializer
{
protected $type = 'oauth-scopes';
protected function getDefaultAttributes($model)
{
if (!($model instanceof Scope)) {
throw new InvalidArgumentException(
get_class($this) . ' can only serialize instances of ' . Scope::class
);
}
// See https://docs.flarum.org/extend/api.html#serializers for more information.
return [
"scope" => $model->scope,
"is_default" => $model->is_default,
"scope_name" => $model->scope_name,
"scope_icon" => $model->scope_icon,
"scope_desc" => $model->scope_desc,
];
}
}