diff options
Diffstat (limited to 'lib/api/members.rb')
| -rw-r--r-- | lib/api/members.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/api/members.rb b/lib/api/members.rb index e2045c6def7..b94f68f60b5 100644 --- a/lib/api/members.rb +++ b/lib/api/members.rb @@ -32,6 +32,8 @@ module API get ":id/members", feature_category: feature_category do source = find_source(source_type, params[:id]) + authorize_read_source_member!(source_type, source) + members = paginate(retrieve_members(source, params: params)) present_members members @@ -51,6 +53,8 @@ module API get ":id/members/all", feature_category: feature_category do source = find_source(source_type, params[:id]) + authorize_read_source_member!(source_type, source) + members = paginate(retrieve_members(source, params: params, deep: true)) present_members members @@ -66,6 +70,8 @@ module API get ":id/members/:user_id", feature_category: feature_category do source = find_source(source_type, params[:id]) + authorize_read_source_member!(source_type, source) + members = source_members(source) member = members.find_by!(user_id: params[:user_id]) @@ -83,6 +89,8 @@ module API get ":id/members/all/:user_id", feature_category: feature_category do source = find_source(source_type, params[:id]) + authorize_read_source_member!(source_type, source) + members = find_all_members(source) member = members.find_by!(user_id: params[:user_id]) |