-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
馃悰 Bug Report: with Users limited to 1, creating team membership in console gives restricted error #5516
Comments
@jhooper04 thanks for creating this issue! 馃檹馃徏 Let me double check with the team we want this type of behavior. |
I checked with the team and we agreed this is something we should have. |
hi @stnguyen90 I would be really happy to fix this issue . If possible can you please assign this to me ? |
@lucifer-Hell assigned! Thanks for your interest! 馃檹 |
Hi team just a quick update . It seems that whenever the create event is called for a member to be created the project id which is passed to the register function is not console. Hence it throws the error. Below is the line code which checks the project id : - |
@lucifer-Hell, yes, that is correct. The project ID would be the project ID in which the team membership is being created in. FYI, you can add a permalink on GitHub and it will render the code. For example: appwrite/app/controllers/api/teams.php Line 444 in 9534852
|
Hi @stnguyen90 , i have proposal to fix this bug . Rather then relying on
Also thanks! for the permalink suggestion I will use the same in my prs from know onwards . |
@lucifer-Hell, it's typically not a good idea to rely on client-supplied data like that since the client can send any value it wants. |
This is the current code appwrite/app/controllers/api/teams.php Lines 441 to 455 in 9534852
Can't we simply do something like this? if (empty($invitee)) { // Create new user if no user with same email found
$limit = $project->getAttribute('auths', [])['limit'] ?? 0;
$isPrivilegedUser ? $limit = 0 : null; // <----- I added this line
if ($limit !== 0 && $project->getId() !== 'console') { // check users limit, console invites are allways allowed.
$total = $dbForProject->count('users', [], APP_LIMIT_USERS);
// rest of the code |
@safwanyp, I'd probably leave the limit number rather than modifying it based on |
@stnguyen90 Noted, and I did this instead: if (empty($invitee)) { // Create new user if no user with same email found
$limit = $project->getAttribute('auths', [])['limit'] ?? 0;
$shouldCheckLimit = !$isPrivilegedUser && $limit !== 0 && $project->getId() !== 'console';
if ($shouldCheckLimit) { // check users limit, console invites are allways allowed.
$total = $dbForProject->count('users', [], APP_LIMIT_USERS);
if ($total >= $limit) {
throw new Exception(Exception::USER_COUNT_EXCEEDED, 'Project registration is restricted. Contact your administrator for more information.');
}
}
// rest of the code Instead of modifying |
@lucifer-Hell, how's your progress on this? |
As the previous assignee is not working on it, can you assign it to me |
Just realised @safwanyp had already got the solution |
can i work on this? |
Unassigning due to inactivity. @ketanbaitule, @nick2432, are y'all still interested in working on this? |
Hi @stnguyen90, I am interested to work on this issue.
|
@ketanbaitule, assigned! Thanks for your interest! 馃檹 |
馃憻 Reproduction steps
馃憤 Expected behavior
It should create the new user for that email address if it doesn't exist (ideally with a confirmation?) even though the user limit is exceeded since it is being created through the console or via an API key.
馃憥 Actual Behavior
It returns an error message "Project registration is restricted. Contact your administrator for more information."
It works as expected if the user/email already exists.
馃幉 Appwrite version
Version 1.3.x
馃捇 Operating system
Linux
馃П Your Environment
I am using 1.3.4 through the console on a self hosted localhost linux development environment with _APP_ENV=development
馃憖 Have you spent some time to check if this issue has been raised before?
馃彚 Have you read the Code of Conduct?
The text was updated successfully, but these errors were encountered: