(responseWriteAfterTx bool, optFinalizer func(data any) error)
| 390 | } |
| 391 | |
| 392 | func recordUpdate(responseWriteAfterTx bool, optFinalizer func(data any) error) func(e *core.RequestEvent) error { |
| 393 | return func(e *core.RequestEvent) error { |
| 394 | collection, err := e.App.FindCachedCollectionByNameOrId(e.Request.PathValue("collection")) |
| 395 | if err != nil || collection == nil { |
| 396 | return e.NotFoundError("Missing collection context.", err) |
| 397 | } |
| 398 | |
| 399 | if collection.IsView() { |
| 400 | return e.BadRequestError("Unsupported collection type.", nil) |
| 401 | } |
| 402 | |
| 403 | err = checkCollectionRateLimit(e, collection, "update") |
| 404 | if err != nil { |
| 405 | return err |
| 406 | } |
| 407 | |
| 408 | recordId := e.Request.PathValue("id") |
| 409 | if recordId == "" { |
| 410 | return e.NotFoundError("", nil) |
| 411 | } |
| 412 | |
| 413 | requestInfo, err := e.RequestInfo() |
| 414 | if err != nil { |
| 415 | return firstApiError(err, e.BadRequestError("", err)) |
| 416 | } |
| 417 | |
| 418 | hasSuperuserAuth := requestInfo.HasSuperuserAuth() |
| 419 | |
| 420 | if !hasSuperuserAuth && collection.UpdateRule == nil { |
| 421 | return firstApiError(err, e.ForbiddenError("Only superusers can perform this action.", nil)) |
| 422 | } |
| 423 | |
| 424 | // eager fetch the record so that the modifiers field values can be resolved |
| 425 | record, err := e.App.FindRecordById(collection, recordId) |
| 426 | if err != nil { |
| 427 | return firstApiError(err, e.NotFoundError("", err)) |
| 428 | } |
| 429 | |
| 430 | data, err := recordDataFromRequest(e, record) |
| 431 | if err != nil { |
| 432 | return firstApiError(err, e.BadRequestError("Failed to read the submitted data.", err)) |
| 433 | } |
| 434 | |
| 435 | // replace modifiers fields so that the resolved value is always |
| 436 | // available when accessing requestInfo.Body |
| 437 | requestInfo.Body = data |
| 438 | |
| 439 | ruleFunc := func(q *dbx.SelectQuery) error { |
| 440 | if !hasSuperuserAuth && collection.UpdateRule != nil && *collection.UpdateRule != "" { |
| 441 | resolver := core.NewRecordFieldResolver(e.App, collection, requestInfo, true) |
| 442 | |
| 443 | expr, err := search.FilterData(*collection.UpdateRule).BuildExpr(resolver) |
| 444 | if err != nil { |
| 445 | return err |
| 446 | } |
| 447 | |
| 448 | q.AndWhere(expr) |
| 449 |
no test coverage detected
searching dependent graphs…