fix(appservices): don't use identity assertion on account management endpoints

merge-requests/467/head^2^2
Matthias Ahouansou 4 months ago
parent 7f63948db9
commit 54e0e2a14c
No known key found for this signature in database

@ -108,10 +108,7 @@ where
)) ))
} }
( (
AuthScheme::AccessToken AuthScheme::AccessToken | AuthScheme::AccessTokenOptional,
| AuthScheme::AppserviceToken
| AuthScheme::AccessTokenOptional
| AuthScheme::None,
Token::Appservice(info), Token::Appservice(info),
) => { ) => {
let user_id = query_params let user_id = query_params
@ -138,6 +135,9 @@ where
// TODO: Check if appservice is allowed to be that user // TODO: Check if appservice is allowed to be that user
(Some(user_id), None, None, true) (Some(user_id), None, None, true)
} }
(AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(_)) => {
(None, None, None, true)
}
(AuthScheme::AccessToken, Token::None) => { (AuthScheme::AccessToken, Token::None) => {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::MissingToken, ErrorKind::MissingToken,

Loading…
Cancel
Save