forked from Alex/Pterodactyl-Panel
Minor API handling fixes.
This commit is contained in:
parent
db168e34bd
commit
2c1b332fee
@ -43,7 +43,7 @@ class APIKeyPolicy
|
||||
protected function checkPermission(User $user, Key $key, $permission)
|
||||
{
|
||||
// Non-administrative users cannot use administrative routes.
|
||||
if (! starts_with('user.') && ! $user->isRootAdmin()) {
|
||||
if (! starts_with($key, 'user.') && ! $user->isRootAdmin()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -147,7 +147,7 @@ class APIRepository
|
||||
if ($this->user->isRootAdmin() && isset($data['admin_permissions'])) {
|
||||
unset($pNodes['_user']);
|
||||
|
||||
foreach ($data['admin_permissions'] as $permNode) {
|
||||
foreach ($data['admin_permissions'] as $permission) {
|
||||
$parts = explode('-', $permission);
|
||||
|
||||
if (count($parts) !== 2) {
|
||||
|
Loading…
Reference in New Issue
Block a user