X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModule%2FBaseApi.php;h=b6824140db632ab8b73afbff30f0042baf6af2ea;hb=e7384288766f342da98b7d0ada082db516501ac6;hp=db5f191cf1d0bd6b63c421f82ab4598544afc667;hpb=2dc60cfd3352e163edc222cfe0a804876ec87300;p=friendica.git

diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php
index db5f191cf1..b6824140db 100644
--- a/src/Module/BaseApi.php
+++ b/src/Module/BaseApi.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -79,19 +79,21 @@ class BaseApi extends BaseModule
 	 *
 	 * @throws HTTPException\ForbiddenException
 	 */
-	public function run(array $request = []): ResponseInterface
+	public function run(array $request = [], bool $scopecheck = true): ResponseInterface
 	{
-		switch ($this->server['REQUEST_METHOD'] ?? Router::GET) {
-			case Router::DELETE:
-			case Router::PATCH:
-			case Router::POST:
-			case Router::PUT:
-				self::checkAllowedScope(self::SCOPE_WRITE);
-
-				if (!$this->app->isLoggedIn()) {
-					throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
-				}
-				break;
+		if ($scopecheck) {
+			switch ($this->args->getMethod()) {
+				case Router::DELETE:
+				case Router::PATCH:
+				case Router::POST:
+				case Router::PUT:
+					self::checkAllowedScope(self::SCOPE_WRITE);
+	
+					if (!self::getCurrentUserID()) {
+						throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
+					}
+					break;
+			}	
 		}
 
 		return parent::run($request);