Get rid of "api_user()" function

This commit is contained in:
Michael 2021-06-08 20:41:46 +00:00
parent 8bf5dd187b
commit e4be1e0cd5

View File

@ -61,52 +61,44 @@ class BaseApi extends BaseModule
public static function delete(array $parameters = []) public static function delete(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function patch(array $parameters = []) public static function patch(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function post(array $parameters = []) public static function post(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }
public static function put(array $parameters = []) public static function put(array $parameters = [])
{ {
if (!api_user()) { self::checkAllowedScope(self::SCOPE_WRITE);
throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
$a = DI::app(); $a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) { if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
} }
} }