friendica
/
friendica
mirror of https://git.friendi.ca/friendica/friendica.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Get rid of "api_user()" function

pull/10381/head
Michael 2021-06-08 20:41:46 +00:00
parent 8bf5dd187b
commit e4be1e0cd5
1 changed files with 8 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/Module/BaseApi.php
View File

@ -61,52 +61,44 @@ class BaseApi extends BaseModule
public static function delete(array $parameters = []) public static function delete(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function patch(array $parameters = []) public static function patch(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function post(array $parameters = []) public static function post(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function put(array $parameters = []) public static function put(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }