From 00bed0f12029394f189a459768415701d4062001 Mon Sep 17 00:00:00 2001
From: Qu Xuan <qu_xuan@icloud.com>
Date: Mon, 20 Jan 2025 16:37:17 +0800
Subject: [PATCH] fix(apigateway): set scope policy binding project id query

---
 pkg/apigateway/handler/auth.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/pkg/apigateway/handler/auth.go b/pkg/apigateway/handler/auth.go
index 2711c9ffa29..0c019e7636c 100644
--- a/pkg/apigateway/handler/auth.go
+++ b/pkg/apigateway/handler/auth.go
@@ -26,6 +26,7 @@ import (
 	"yunion.io/x/jsonutils"
 	"yunion.io/x/log"
 	"yunion.io/x/pkg/errors"
+	"yunion.io/x/pkg/gotypes"
 	"yunion.io/x/pkg/util/httputils"
 	"yunion.io/x/pkg/util/printutils"
 	"yunion.io/x/pkg/util/rbacscope"
@@ -221,7 +222,13 @@ var (
 )
 
 func (h *AuthHandlers) getScopedPolicyBindings(ctx context.Context, w http.ResponseWriter, req *http.Request) {
-	_, params, _ := appsrv.FetchEnv(ctx, w, req)
+	_, _params, _ := appsrv.FetchEnv(ctx, w, req)
+	if gotypes.IsNil(_params) {
+		_params = jsonutils.NewDict()
+	}
+	params := _params.(*jsonutils.JSONDict)
+	token := AppContextToken(ctx)
+	params.Set("project_id", jsonutils.NewString(token.GetProjectId()))
 	hash := fmt.Sprintf("%x", md5.Sum([]byte(params.String())))
 	cache := bindingCache.Get(hash)
 	if cache != nil {