MIDNIGHT/enlight-lms
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: allow enabled server script endpoints

Browse Source
This commit is contained in:
Jannat Patel
2026-01-19 18:33:14 +05:30
parent 66486a5a1c
commit 5175050ed6
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lms/auth.py
View File

@@ -61,6 +61,16 @@ def authenticate():
if path.startswith("/lms") or path.startswith("/api/method/lms."): if path.startswith("/lms") or path.startswith("/api/method/lms."):
return return
if is_server_script_path(path):
return
if path in ALLOWED_PATHS: if path in ALLOWED_PATHS:
return return
frappe.throw(f"Access not allowed for this URL: {path}", frappe.PermissionError) frappe.throw(f"Access not allowed for this URL: {path}", frappe.PermissionError)
def is_server_script_path(path):
endpoint = path.split("/api/method/")[-1]
if frappe.db.exists("Server Script", {"script_type": "API", "api_method": endpoint, "disabled": 0}):
return True
return False