From f4683e3a6d8bc02a0e8cfe481caf83dc8b46c0a3 Mon Sep 17 00:00:00 2001
From: Matheus Barbosa Silva <36537004+matheusbsilva137@users.noreply.github.com>
Date: Thu, 9 May 2024 17:48:28 -0300
Subject: [PATCH] chore!: Improve permissions check on oauth-apps endpoints (#32338)
Co-authored-by: Marcos Spessatto Defendi
---
 apps/meteor/app/api/server/v1/oauthapps.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/apps/meteor/app/api/server/v1/oauthapps.ts b/apps/meteor/app/api/server/v1/oauthapps.ts
index 97d489295d424..29e79d1ffa987 100644
--- a/apps/meteor/app/api/server/v1/oauthapps.ts
+++ b/apps/meteor/app/api/server/v1/oauthapps.ts
@@ -1,7 +1,6 @@
 import { OAuthApps } from '@rocket.chat/models';
 import { isUpdateOAuthAppParams, isOauthAppsGetParams, isOauthAppsAddParams, isDeleteOAuthAppParams } from '@rocket.chat/rest-typings';
-import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
 import { apiDeprecationLogger } from '../../../lib/server/lib/deprecationWarningLogger';
 import { addOAuthApp } from '../../../oauth2-server-config/server/admin/functions/addOAuthApp';
 import { API } from '../api';
@@ -20,7 +19,7 @@ API.v1.addRoute(
 API.v1.addRoute(
 'oauth-apps.get',
- { authRequired: true, validateParams: isOauthAppsGetParams },
+ { authRequired: true, validateParams: isOauthAppsGetParams, permissionsRequired: ['manage-oauth-apps'] },
 {
 async get() {
 const isOAuthAppsManager = await hasPermissionAsync(this.userId, 'manage-oauth-apps');
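Review bot: The last context line of the second hunk still calls `hasPermissionAsync(this.userId, 'manage-oauth-apps')`, but the first hunk deletes the only visible import of `hasPermissionAsync`, so unless the name is brought into scope elsewhere the handler will no longer compile. With `permissionsRequired: ['manage-oauth-apps']` now in the `oauth-apps.get` route options, that in-handler lookup is presumably always true, and any branch keyed on `isOAuthAppsManager` further down `get()` (the body continues outside the hunk) looks like dead code. I would drop the `const isOAuthAppsManager = …` line and whatever depends on it in this same commit rather than leave a second, unreachable authorization path behind. Because this changes who may call the endpoint, an API test asserting that a user without `manage-oauth-apps` is rejected would pin the new behaviour.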