Fix 403 error on not exists application.

Remove countUsers from minecraft server application type.
2024-11-23 05:33:20 +05:30 · 2018-03-25 22:21:22 +03:00 · 2018-03-25 22:21:22 +03:00 · 4ee8544355
commit 4ee8544355
parent f3f53e752d
3 changed files with 5 additions and 4 deletions
--- a/api/modules/oauth/controllers/ClientsController.php
+++ b/api/modules/oauth/controllers/ClientsController.php
@ -136,7 +136,8 @@ class ClientsController extends Controller {
            throw new NotFoundHttpException();
        }

-        $clients = $account->oauthClients;
+        /** @var OauthClient[] $clients */
+        $clients = $account->getOauthClients()->orderBy(['created_at' => SORT_ASC])->all();
        $result = array_map(function(OauthClient $client) {
            return $this->formatClient($client);
        }, $clients);
@ -152,13 +153,13 @@ class ClientsController extends Controller {
            'name' => $client->name,
            'websiteUrl' => $client->website_url,
            'createdAt' => $client->created_at,
-            'countUsers' => (int)$client->getSessions()->count(),
        ];

        switch ($client->type) {
            case OauthClient::TYPE_APPLICATION:
                $result['description'] = $client->description;
                $result['redirectUri'] = $client->redirect_uri;
+                $result['countUsers'] = (int)$client->getSessions()->count();
                break;
            case OauthClient::TYPE_MINECRAFT_SERVER:
                $result['minecraftServerIp'] = $client->minecraft_server_ip;
--- a/common/rbac/rules/OauthClientOwner.php
+++ b/common/rbac/rules/OauthClientOwner.php
@ -38,7 +38,7 @@ class OauthClientOwner extends Rule {
        /** @var OauthClient|null $client */
        $client = OauthClient::findOne($clientId);
        if ($client === null) {
-            return false;
+            return true;
        }

        $identity = Yii::$app->user->findIdentityByAccessToken($accessToken);
--- a/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php
+++ b/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php
@ -42,7 +42,7 @@ class OauthClientOwnerTest extends TestCase {

        $this->assertFalse($rule->execute('token', $item, []));
        $this->assertTrue($rule->execute('token', $item, ['clientId' => 'admin-oauth-client']));
-        $this->assertFalse($rule->execute('token', $item, ['clientId' => 'not-exists-client']));
+        $this->assertTrue($rule->execute('token', $item, ['clientId' => 'not-exists-client']));
        $account->id = 2;
        $this->assertFalse($rule->execute('token', $item, ['clientId' => 'admin-oauth-client']));
        $item->name = P::VIEW_OWN_OAUTH_CLIENTS;