X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FBaseApi.php;h=b6824140db632ab8b73afbff30f0042baf6af2ea;hb=04505366217b3a9c00710321f4495da03f727d39;hp=f219e56dc49cab165faca418ccf25570efe17680;hpb=e56a53647bd5469551bf4f9ef2df50a5dd16b943;p=friendica.git

diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php
index f219e56dc4..b6824140db 100644
--- a/src/Module/BaseApi.php
+++ b/src/Module/BaseApi.php
@@ -79,19 +79,21 @@ class BaseApi extends BaseModule
 	 *
 	 * @throws HTTPException\ForbiddenException
 	 */
-	public function run(array $request = []): ResponseInterface
+	public function run(array $request = [], bool $scopecheck = true): ResponseInterface
 	{
-		switch ($this->server['REQUEST_METHOD'] ?? Router::GET) {
-			case Router::DELETE:
-			case Router::PATCH:
-			case Router::POST:
-			case Router::PUT:
-				self::checkAllowedScope(self::SCOPE_WRITE);
-
-				if (!$this->app->isLoggedIn()) {
-					throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
-				}
-				break;
+		if ($scopecheck) {
+			switch ($this->args->getMethod()) {
+				case Router::DELETE:
+				case Router::PATCH:
+				case Router::POST:
+				case Router::PUT:
+					self::checkAllowedScope(self::SCOPE_WRITE);
+	
+					if (!self::getCurrentUserID()) {
+						throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
+					}
+					break;
+			}	
 		}
 
 		return parent::run($request);