@@ -131,7 +132,7 @@
id={uniqueId}
bind:checked={record.verified}
on:change|preventDefault={(e) => {
- if (record.$isNew) {
+ if (isNew) {
return; // no confirmation required
}
confirm(
diff --git a/ui/src/components/records/fields/FileField.svelte b/ui/src/components/records/fields/FileField.svelte
index d3c8e263..fb3fa20c 100644
--- a/ui/src/components/records/fields/FileField.svelte
+++ b/ui/src/components/records/fields/FileField.svelte
@@ -6,6 +6,7 @@
import Field from "@/components/base/Field.svelte";
import UploadedFilePreview from "@/components/base/UploadedFilePreview.svelte";
import RecordFileThumb from "@/components/records/RecordFileThumb.svelte";
+ import { onMount } from "svelte";
export let record;
export let value = "";
@@ -16,6 +17,7 @@
let fileInput;
let filesListElem;
let isDragOver = false;
+ let fileToken = "";
// normalize uploadedFiles type
$: if (!Array.isArray(uploadedFiles)) {
@@ -93,6 +95,10 @@
uploadedFiles = uploadedFiles;
}
+
+ onMount(async () => {
+ fileToken = await ApiClient.getAdminFileToken(record.collectionId);
+ });
{
@@ -82,7 +82,7 @@ export async function loadCollections(activeId = null) {
}
function refreshProtectedFilesCollectionsCache() {
- privateFilesCollectionsCache.update((cache) => {
+ protectedFilesCollectionsCache.update((cache) => {
collections.update((current) => {
for (let c of current) {
cache[c.id] = !!c.schema?.find((f) => f.type == "file" && f.options?.protected);
diff --git a/ui/src/utils/ApiClient.js b/ui/src/utils/ApiClient.js
index 87d2006b..8ac8ace0 100644
--- a/ui/src/utils/ApiClient.js
+++ b/ui/src/utils/ApiClient.js
@@ -1,10 +1,13 @@
import PocketBase, { LocalAuthStore, Admin, isTokenExpired } from "pocketbase";
// ---
-import CommonHelper from "@/utils/CommonHelper";
-import { replace } from "svelte-spa-router";
-import { addErrorToast } from "@/stores/toasts";
-import { setErrors } from "@/stores/errors";
-import { setAdmin } from "@/stores/admin";
+import CommonHelper from "@/utils/CommonHelper";
+import { replace } from "svelte-spa-router";
+import { get } from "svelte/store";
+import { addErrorToast } from "@/stores/toasts";
+import { setErrors } from "@/stores/errors";
+import { setAdmin } from "@/stores/admin";
+import { protectedFilesCollectionsCache } from "@/stores/collections";
+
const adminFileTokenKey = "pb_admin_file_token";
@@ -17,7 +20,7 @@ PocketBase.prototype.logout = function(redirect = true) {
this.authStore.clear();
if (redirect) {
- replace('/login');
+ replace("/login");
}
};
@@ -28,7 +31,7 @@ PocketBase.prototype.logout = function(redirect = true) {
* @param {Boolean} notify Whether to add a toast notification.
* @param {String} defaultMsg Default toast notification message if the error doesn't have one.
*/
-PocketBase.prototype.errorResponseHandler = function(err, notify = true, defaultMsg = '') {
+PocketBase.prototype.errorResponseHandler = function(err, notify = true, defaultMsg = "") {
if (!err || !(err instanceof Error) || err.isAbort) {
return;
}
@@ -61,15 +64,28 @@ PocketBase.prototype.errorResponseHandler = function(err, notify = true, default
// forbidden
if (statusCode === 403) {
this.cancelAllRequests();
- return replace('/');
+ return replace("/");
}
};
/**
* @return {Promise}
*/
-PocketBase.prototype.getAdminFileToken = async function() {
- let token = localStorage.getItem(adminFileTokenKey) || '';
+PocketBase.prototype.getAdminFileToken = async function(collectionId = "") {
+ let needToken = true;
+
+ if (collectionId) {
+ const protectedCollections = get(protectedFilesCollectionsCache);
+ needToken = typeof protectedCollections[collectionId] !== "undefined"
+ ? protectedCollections[collectionId]
+ : true;
+ }
+
+ if (!needToken) {
+ return "";
+ }
+
+ let token = localStorage.getItem(adminFileTokenKey) || "";
// request a new token only if the previous one is missing or will expire soon
if (!token || isTokenExpired(token, 15)) {