core/oc-lib
6
0
Fork 0
Code Issues 7 Pull Requests Packages Projects Releases Wiki Activity

ShouldVerifyAuthdisable on admin request

Browse Source
This commit is contained in:
mr
2026-03-23 08:11:24 +01:00
parent b82b955045
commit ea2a98d84a
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
models/utils/common.go
View File

@@ -106,15 +106,16 @@ func ModelGenericUpdateOne(change map[string]interface{}, id string, a Accessor)
if !ok { if !ok {
return nil, nil, 403, errors.New("you are not allowed to update :" + a.GetType().String()) return nil, nil, 403, errors.New("you are not allowed to update :" + a.GetType().String())
} }
if a.ShouldVerifyAuth() && !r.VerifyAuth("update", a.GetRequest()) {
return nil, nil, 403, errors.New("you are not allowed to access :" + a.GetType().String())
}
} }
r.UpToDate(a.GetUser(), a.GetPeerID(), false) r.UpToDate(a.GetUser(), a.GetPeerID(), false)
if a.GetPeerID() == r.GetCreatorID() { if a.GetPeerID() == r.GetCreatorID() {
r.Unsign() r.Unsign()
r.Sign() r.Sign()
} }
if a.ShouldVerifyAuth() && !r.VerifyAuth("update", a.GetRequest()) {
return nil, nil, 403, errors.New("you are not allowed to access :" + a.GetType().String())
}
loaded := r.Serialize(r) // get the loaded object loaded := r.Serialize(r) // get the loaded object
for k, v := range change { // apply the changes, with a flatten method for k, v := range change { // apply the changes, with a flatten method