colin
/
pocketbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

removed unnecessary cast

This commit is contained in:
Gani Georgiev 2024-10-14 23:04:10 +03:00
parent 4209583a88
commit 8271452430
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apis/realtime.go
View File

@ -18,7 +18,6 @@ import (
"github.com/pocketbase/pocketbase/tools/routine"
"github.com/pocketbase/pocketbase/tools/search"
"github.com/pocketbase/pocketbase/tools/subscriptions"
"github.com/spf13/cast"
"golang.org/x/sync/errgroup"
)
@ -486,6 +485,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
for _, chunk := range chunks {
group.Go(func() error {
var clientAuth *core.Record
for _, client := range chunk {
// note: not executed concurrently to avoid races and to ensure
// that the access checks are applied for the current record db state
@ -495,6 +496,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
continue
}
clientAuth, _ = client.Get(RealtimeClientAuthKey).(*core.Record)
for sub, options := range subs {
// create a clean record copy without expand and unknown fields
// because we don't know yet which exact fields the client subscription has permissions to access
@ -506,8 +509,8 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
Method: "GET",
Query: options.Query,
Headers: options.Headers,
Auth: clientAuth,
}
requestInfo.Auth, _ = client.Get(RealtimeClientAuthKey).(*core.Record)
if !realtimeCanAccessRecord(app, cleanRecord, requestInfo, rule) {
continue
@ -534,7 +537,6 @@ func realtimeBroadcastRecord(app core.App, action string, record *core.Record, d
// ignore the auth record email visibility checks
// for auth owner, superuser or manager
if collection.IsAuth() {
clientAuth, _ := client.Get(RealtimeClientAuthKey).(*core.Record)
if isSameAuth(clientAuth, cleanRecord) ||
realtimeCanAccessRecord(app, cleanRecord, requestInfo, collection.ManageRule) {
cleanRecord.IgnoreEmailVisibility(true)
@ -707,7 +709,7 @@ func realtimeCanAccessRecord(
// check the subscription client-side filter (if any)
// ---
filter := cast.ToString(requestInfo.Query[search.FilterQueryParam])
filter := requestInfo.Query[search.FilterQueryParam]
if filter == "" {
return true // no further checks needed
}