diff options
| author | J0WI <J0WI@users.noreply.github.com> | 2021-03-28 03:58:01 +0300 |
|---|---|---|
| committer | J0WI <J0WI@users.noreply.github.com> | 2021-04-26 19:36:01 +0300 |
| commit | 122cc45801e5e23418de0e1e53783fbdd3c31a7e (patch) | |
| tree | 17a78bbbfb362919bd44e9b0a153d9215ee09d0b /lib | |
| parent | 9ae9dde028a684e53a1b37c9ba8e964ffe42a97f (diff) | |
Flip default in checkAuthorized
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Controller/ApiController.php | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/lib/Controller/ApiController.php b/lib/Controller/ApiController.php index 9e27378..d9fc6fa 100644 --- a/lib/Controller/ApiController.php +++ b/lib/Controller/ApiController.php @@ -119,6 +119,7 @@ class ApiController extends OCSController { * @return DataResponse */ private function checkAuthorized(): bool { + // check for monitoring privilege $token = $this->request->getHeader('NC-Token'); if (!empty($token)) { $storedToken = $this->config->getAppValue('serverinfo', 'token', null); @@ -127,6 +128,7 @@ class ApiController extends OCSController { } } + // fallback to admin privilege $userSession = $this->userSession; if ($userSession === null) { return false; @@ -137,11 +139,7 @@ class ApiController extends OCSController { return false; } - if (!$this->groupManager->isAdmin($user->getUID())) { - return false; - }; - - return true; + return $this->groupManager->isAdmin($user->getUID()); } /** |