fix: organization access checks (#6441)

This commit is contained in:
Piyush Gupta
2025-08-19 16:53:59 +05:30
committed by GitHub
parent c60c8cb7bd
commit 59859d0e4f
3 changed files with 22 additions and 7 deletions
+2 -1
@@ -1,6 +1,7 @@
import { authenticatedApiClient } from "@/modules/api/v2/auth/authenticated-api-client";
import { responses } from "@/modules/api/v2/lib/response";
import { handleApiError } from "@/modules/api/v2/lib/utils";
import { hasOrganizationAccess } from "@/modules/organization/settings/api-keys/lib/utils";
import { NextRequest } from "next/server";
import { OrganizationAccessType } from "@formbricks/types/api-key";
@@ -8,7 +9,7 @@ export const GET = async (request: NextRequest) =>
authenticatedApiClient({
request,
handler: async ({ authentication }) => {
if (!authentication.organizationAccess?.accessControl?.[OrganizationAccessType.Read]) {
if (!hasOrganizationAccess(authentication, OrganizationAccessType.Read)) {
return handleApiError(request, {
type: "unauthorized",
details: [{ field: "organizationId", issue: "unauthorized" }],
@@ -1,3 +1,4 @@
import { hasOrganizationAccess } from "@/modules/organization/settings/api-keys/lib/utils";
import { logger } from "@formbricks/logger";
import { OrganizationAccessType } from "@formbricks/types/api-key";
import { TAuthenticationApiKey } from "@formbricks/types/auth";
@@ -13,9 +14,5 @@ export const hasOrganizationIdAndAccess = (
return false;
}
if (!authentication.organizationAccess?.accessControl?.[accessType]) {
return false;
}
return true;
return hasOrganizationAccess(authentication, accessType);
};
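Review bot: The new import on L29 pulls `hasOrganizationAccess` from `@/modules/organization/settings/api-keys/lib/utils`, a module that also imports `TFnType` from `@tolgee/react` (visible at L43 in this commit), so the API-key authentication path now depends on a UI i18n package for what is a pure permission predicate. That is a layering concern rather than a defect, but a helper sitting on the authorization boundary is easier to audit and to unit-test in isolation if it lives with the other auth utilities (for example next to `hasOrganizationIdAndAccess`, or under `@/modules/api/v2/auth/`) with no React dependencies, and the settings utils file re-exports it if the UI needs the same predicate. The body of `hasOrganizationIdAndAccess` starts before this hunk, so whatever check precedes the `return false` on L34 is not visible here; the delegation on L40 itself looks correct and inherits the helper's write-implies-read semantics, which callers of this function should be aware of.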
@@ -1,5 +1,6 @@
import { TFnType } from "@tolgee/react";
import { TAPIKeyEnvironmentPermission } from "@formbricks/types/auth";
import { OrganizationAccessType } from "@formbricks/types/api-key";
import { TAPIKeyEnvironmentPermission, TAuthenticationApiKey } from "@formbricks/types/auth";
// Permission level required for different HTTP methods
const methodPermissionMap = {
@@ -50,3 +51,19 @@ export const getOrganizationAccessKeyDisplayName = (key: string, t: TFnType) =>
return key;
}
};
export const hasOrganizationAccess = (
authentication: TAuthenticationApiKey,
accessType: OrganizationAccessType
): boolean => {
const organizationAccess = authentication.organizationAccess?.accessControl;
switch (accessType) {
case OrganizationAccessType.Read:
return organizationAccess?.read === true || organizationAccess?.write === true;
case OrganizationAccessType.Write:
return organizationAccess?.write === true;
default:
return false;
}
};
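Review bot: `hasOrganizationAccess` hardcodes the `.read` and `.write` property names on L60 and L62, whereas the checks it replaces (L23 and L36) indexed `accessControl` by the enum value `OrganizationAccessType.Read` / `OrganizationAccessType.Write`; if those enum values are ever anything other than the literal strings "read" and "write", the new helper fails closed for every key while the old lookup would not, and the two forms have silently diverged. Keep the enum as the single source of truth for the key names: `return organizationAccess?.[OrganizationAccessType.Read] === true || organizationAccess?.[OrganizationAccessType.Write] === true;` for the Read case and `return organizationAccess?.[OrganizationAccessType.Write] === true;` for Write. The `default: return false` on L63-L64 is the right fail-closed choice, but adding `const _exhaustive: never = accessType;` before that return would turn a newly added access type into a compile error instead of a silent denial that is hard to notice in production. This function is now the one place that encodes "write implies read", so it deserves a TSDoc header such as `/** True if the API key holds the requested organization-level permission. Write access implies read access; unknown access types are always denied. */`.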