removed unnecessary cast
This commit is contained in:
Gani Georgiev
parent
4209583a88
commit
8271452430
|
|
@ -18,7 +18,6 @@ import (
|
||||||
"github.com/pocketbase/pocketbase/tools/routine"
|
"github.com/pocketbase/pocketbase/tools/routine"
|
||||||
"github.com/pocketbase/pocketbase/tools/search"
|
"github.com/pocketbase/pocketbase/tools/search"
|
||||||
"github.com/pocketbase/pocketbase/tools/subscriptions"
|
"github.com/pocketbase/pocketbase/tools/subscriptions"
|
||||||
"github.com/spf13/cast"
|
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -486,6 +485,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
|
||||||
|
|
||||||
for _, chunk := range chunks {
|
for _, chunk := range chunks {
|
||||||
group.Go(func() error {
|
group.Go(func() error {
|
||||||
|
var clientAuth *core.Record
|
||||||
|
|
||||||
for _, client := range chunk {
|
for _, client := range chunk {
|
||||||
// note: not executed concurrently to avoid races and to ensure
|
// note: not executed concurrently to avoid races and to ensure
|
||||||
// that the access checks are applied for the current record db state
|
// that the access checks are applied for the current record db state
|
||||||
|
|
@ -495,6 +496,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
clientAuth, _ = client.Get(RealtimeClientAuthKey).(*core.Record)
|
||||||
|
|
||||||
for sub, options := range subs {
|
for sub, options := range subs {
|
||||||
// create a clean record copy without expand and unknown fields
|
// create a clean record copy without expand and unknown fields
|
||||||
// because we don't know yet which exact fields the client subscription has permissions to access
|
// because we don't know yet which exact fields the client subscription has permissions to access
|
||||||
|
|
@ -506,8 +509,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
|
||||||
Method: "GET",
|
Method: "GET",
|
||||||
Query: options.Query,
|
Query: options.Query,
|
||||||
Headers: options.Headers,
|
Headers: options.Headers,
|
||||||
|
Auth: clientAuth,
|
||||||
}
|
}
|
||||||
requestInfo.Auth, _ = client.Get(RealtimeClientAuthKey).(*core.Record)
|
|
||||||
|
|
||||||
if !realtimeCanAccessRecord(app, cleanRecord, requestInfo, rule) {
|
if !realtimeCanAccessRecord(app, cleanRecord, requestInfo, rule) {
|
||||||
continue
|
continue
|
||||||
|
|
@ -534,7 +537,6 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
|
||||||
// ignore the auth record email visibility checks
|
// ignore the auth record email visibility checks
|
||||||
// for auth owner, superuser or manager
|
// for auth owner, superuser or manager
|
||||||
if collection.IsAuth() {
|
if collection.IsAuth() {
|
||||||
clientAuth, _ := client.Get(RealtimeClientAuthKey).(*core.Record)
|
|
||||||
if isSameAuth(clientAuth, cleanRecord) ||
|
if isSameAuth(clientAuth, cleanRecord) ||
|
||||||
realtimeCanAccessRecord(app, cleanRecord, requestInfo, collection.ManageRule) {
|
realtimeCanAccessRecord(app, cleanRecord, requestInfo, collection.ManageRule) {
|
||||||
cleanRecord.IgnoreEmailVisibility(true)
|
cleanRecord.IgnoreEmailVisibility(true)
|
||||||
|
|
@ -707,7 +709,7 @@ func realtimeCanAccessRecord(
|
||||||
|
|
||||||
// check the subscription client-side filter (if any)
|
// check the subscription client-side filter (if any)
|
||||||
// ---
|
// ---
|
||||||
filter := cast.ToString(requestInfo.Query[search.FilterQueryParam])
|
filter := requestInfo.Query[search.FilterQueryParam]
|
||||||
if filter == "" {
|
if filter == "" {
|
||||||
return true // no further checks needed
|
return true // no further checks needed
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue