Skip to content
This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Commit

Permalink
Fix #1434
Browse files Browse the repository at this point in the history
  • Loading branch information
@binal-7span
binal-7span committed Nov 15, 2019
1 parent d97b8b8 commit 223c3f4
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 8 deletions.
14 changes: 14 additions & 0 deletions src/endpoints/ProjectsDelete.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,20 @@ class ProjectsDelete extends Route
{
public function __invoke(Request $request, Response $response)
{

$data = $request->getParsedBody();
$this->validate($data,[
'super_admin_token' => 'required',
]);

$superadminFilePath = \Directus\get_app_base_path().'/config/__api.json';

$superadminFileData = json_decode(file_get_contents($superadminFilePath), true);
if ($data['super_admin_token'] !== $superadminFileData['super_admin_token']) {
throw new UnauthorizedException('Permission denied: Superadmin Only');
}


$installService = new ProjectService($this->container);
$installService->delete($request->getAttribute('name'));

Expand Down
9 changes: 9 additions & 0 deletions src/endpoints/Server.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
use Directus\Exception\NotInstalledException;
use Directus\Util\StringUtils;
use Directus\Services\ServerService;
use Directus\Application\Http\Middleware\TableGatewayMiddleware;

class Server extends Route
{
Expand All @@ -17,9 +18,17 @@ class Server extends Route
*/
public function __invoke(Application $app)
{
$container = $this->container;
\Directus\create_ping_route($app);
$app->get('/projects', [$this, 'projects']);
$app->get('/info', [$this, 'getInfo']);
$app->group('/projects', function () use ($container){
$this->post('/', \Directus\Api\Routes\ProjectsCreate::class);
$this->delete('/{name}', \Directus\Api\Routes\ProjectsDelete::class)
->add(new \Directus\Application\Http\Middleware\AuthenticationMiddleware($container))
->add(new \Directus\Application\Http\Middleware\AdminOnlyMiddleware($container))
->add(new \Directus\Application\Http\Middleware\AuthenticationIgnoreOriginMiddleware($container));
})->add(new TableGatewayMiddleware($container));
}

/**
Expand Down
8 changes: 0 additions & 8 deletions src/web.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,14 +134,6 @@
->add($middleware['rate_limit_user'])
->add($middleware['table_gateway']);

$app->group('/projects', function () use ($middleware) {
$this->post('', \Directus\Api\Routes\ProjectsCreate::class);

$this->delete('/{name}', \Directus\Api\Routes\ProjectsDelete::class)
->add($middleware['auth_admin'])
->add($middleware['auth'])
->add($middleware['auth_ignore_origin']);
})->add($middleware['table_gateway']);

$app->group('/{project}', function () use ($middleware) {
$this->get('/', \Directus\Api\Routes\ProjectHome::class)
Expand Down

0 comments on commit 223c3f4

Please sign in to comment.