tabshift/pocketbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactored installer and removed RequireSuperuserAuthOnlyIfAny

Browse Source
This commit is contained in:
Gani Georgiev
2024-11-05 21:12:17 +02:00
parent 4f67dba6cb
commit 9506669095
61 changed files with 4722 additions and 4937 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
apis/record_crud.go
View File

@@ -169,17 +169,7 @@ func recordCreate(optFinalizer func(data any) error) func(e *core.RequestEvent)
}
hasSuperuserAuth := requestInfo.HasSuperuserAuth()
canSkipRuleCheck := hasSuperuserAuth
// special case for the first superuser creation
// ---
if !canSkipRuleCheck && collection.Name == core.CollectionNameSuperusers {
total, totalErr := e.App.CountRecords(core.CollectionNameSuperusers)
canSkipRuleCheck = totalErr == nil && total == 0
}
// ---
if !canSkipRuleCheck && collection.CreateRule == nil {
if !hasSuperuserAuth && collection.CreateRule == nil {
return e.ForbiddenError("Only superusers can perform this action.", nil)
}
@@ -212,7 +202,7 @@ func recordCreate(optFinalizer func(data any) error) func(e *core.RequestEvent)
form.SetRecord(e.Record)
// temporary save the record and check it against the create and manage rules
if !canSkipRuleCheck && e.Collection.CreateRule != nil {
if !hasSuperuserAuth && e.Collection.CreateRule != nil {
// temporary grant manager access level
form.GrantManagerAccess()