Updated frame.context to use req.api_key_id (#9965)

* Added api_key_id to frame.context refs #9865 This is to allow controllers to check permissions using api_key_id data. * Removed client and client_id from frame.context refs #9865 This is unused as we only support oauth on v0.1 API.
TryGhost · Oct 9, 2018 · 1b9aa25 · 1b9aa25
1 parent 23e9a02
commit 1b9aa25
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 6 deletions.
diff --git a/core/server/api/shared/http.js b/core/server/api/shared/http.js
@@ -14,9 +14,8 @@ const http = (apiImpl) => {
             params: req.params,
             user: req.user,
             context: {
-                user: ((req.user && req.user.id) || (req.user && models.User.isExternalUser(req.user.id))) ? req.user.id : null,
-                client: (req.client && req.client.slug) ? req.client.slug : null,
-                client_id: (req.client && req.client.id) ? req.client.id : null
+                api_key_id: (req.api_key && req.api_key.id) ? req.api_key.id : null,
+                user: ((req.user && req.user.id) || (req.user && models.User.isExternalUser(req.user.id))) ? req.user.id : null
             }
         });
 

diff --git a/core/test/unit/api/shared/http_spec.js b/core/test/unit/api/shared/http_spec.js
@@ -45,9 +45,8 @@ describe('Unit: api/shared/http', function () {
         apiImpl.args[0][0].data.should.eql({a: 'a'});
         apiImpl.args[0][0].options.should.eql({
             context: {
-                user: null,
-                client: null,
-                client_id: null
+                api_key_id: null,
+                user: null
             }
         });
     });