Merge pull request #71 from IFRCGo/WN-379

jajaramillo24 · web-flow · commit aaadfbe9dc73 · 2026-05-19T14:08:19.000-03:00
Only enforce org check for v2 API
diff --git a/app/Http/Middleware/ApiAuthMiddleware.php b/app/Http/Middleware/ApiAuthMiddleware.php
@@ -44,7 +44,10 @@ public function handle($request, Closure $next)
                 return response()->json(['error' => 'Application is not allowed to access this API version'], 403);
             }
 
-            $canAccessOrganisation = $this->canAccessOrganisation($request->path(), (array) $application->rules);
+            $canAccessOrganisation = true;
+            if (strpos($request->path(), 'v2/') === 0) {
+                $canAccessOrganisation = $this->canAccessOrganisation($request->path(), (array) $application->rules);
+            }
 
             if (!$canAccessOrganisation) {
                 return response()->json(['error' => 'Application is not allowed to access this organisation'], 403);
