feat(api): RequireAuth+RequireProjectAccess middleware, IDOR-scope check/apply по projectID
This commit is contained in:
@@ -13,9 +13,11 @@ import (
|
||||
)
|
||||
|
||||
// LoadDomain joins domains+provider_accounts+templates to build the
|
||||
// service.DomainRef needed to check/apply a domain's DNS records.
|
||||
func (s *Store) LoadDomain(ctx context.Context, domainID uuid.UUID) (service.DomainRef, error) {
|
||||
row, err := s.q.LoadDomainFull(ctx, domainID)
|
||||
// service.DomainRef needed to check/apply a domain's DNS records. Scoped by
|
||||
// projectID so a domain belonging to another tenant's project can never be
|
||||
// loaded, even if its domainID is guessed/leaked (closes IDOR).
|
||||
func (s *Store) LoadDomain(ctx context.Context, projectID, domainID uuid.UUID) (service.DomainRef, error) {
|
||||
row, err := s.q.LoadDomainFull(ctx, db.LoadDomainFullParams{ID: domainID, ProjectID: projectID})
|
||||
if err != nil {
|
||||
return service.DomainRef{}, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user