@saltcorn/server 0.8.1-beta.1 → 0.8.1-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +8 -8
- package/routes/fields.js +18 -8
package/package.json
CHANGED
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@saltcorn/server",
|
|
3
|
-
"version": "0.8.1-beta.
|
|
3
|
+
"version": "0.8.1-beta.3",
|
|
4
4
|
"description": "Server app for Saltcorn, open-source no-code platform",
|
|
5
5
|
"homepage": "https://saltcorn.com",
|
|
6
6
|
"main": "index.js",
|
|
7
7
|
"license": "MIT",
|
|
8
8
|
"dependencies": {
|
|
9
|
-
"@saltcorn/base-plugin": "0.8.1-beta.
|
|
10
|
-
"@saltcorn/builder": "0.8.1-beta.
|
|
11
|
-
"@saltcorn/data": "0.8.1-beta.
|
|
12
|
-
"@saltcorn/admin-models": "0.8.1-beta.
|
|
13
|
-
"@saltcorn/filemanager": "0.8.1-beta.
|
|
14
|
-
"@saltcorn/markup": "0.8.1-beta.
|
|
15
|
-
"@saltcorn/sbadmin2": "0.8.1-beta.
|
|
9
|
+
"@saltcorn/base-plugin": "0.8.1-beta.3",
|
|
10
|
+
"@saltcorn/builder": "0.8.1-beta.3",
|
|
11
|
+
"@saltcorn/data": "0.8.1-beta.3",
|
|
12
|
+
"@saltcorn/admin-models": "0.8.1-beta.3",
|
|
13
|
+
"@saltcorn/filemanager": "0.8.1-beta.3",
|
|
14
|
+
"@saltcorn/markup": "0.8.1-beta.3",
|
|
15
|
+
"@saltcorn/sbadmin2": "0.8.1-beta.3",
|
|
16
16
|
"@socket.io/cluster-adapter": "^0.1.0",
|
|
17
17
|
"@socket.io/sticky": "^1.0.1",
|
|
18
18
|
"aws-sdk": "^2.1037.0",
|
package/routes/fields.js
CHANGED
|
@@ -707,17 +707,27 @@ router.post(
|
|
|
707
707
|
const { tableName, fieldName, fieldview } = req.params;
|
|
708
708
|
const table = await Table.findOne({ name: tableName });
|
|
709
709
|
const role = req.user && req.user.id ? req.user.role_id : 10;
|
|
710
|
-
|
|
710
|
+
|
|
711
|
+
const fields = await table.getFields();
|
|
712
|
+
let row = { ...req.body };
|
|
713
|
+
if (row && Object.keys(row).length > 0) readState(row, fields);
|
|
714
|
+
const id = req.query.id || row.id;
|
|
715
|
+
if (id) {
|
|
716
|
+
let dbrow = await table.getRow({ id });
|
|
717
|
+
row = { ...dbrow, ...row };
|
|
718
|
+
//prevent overwriting ownership field
|
|
719
|
+
if (table.ownership_field_id) {
|
|
720
|
+
const ofield = fields.find((f) => f.id === table.ownership_field_id);
|
|
721
|
+
row[ofield.name] = dbrow[ofield.name];
|
|
722
|
+
}
|
|
723
|
+
}
|
|
724
|
+
if (
|
|
725
|
+
role > table.min_role_read &&
|
|
726
|
+
!(req.user && table.is_owner(req.user, row))
|
|
727
|
+
) {
|
|
711
728
|
res.status(401).send("");
|
|
712
729
|
return;
|
|
713
730
|
}
|
|
714
|
-
const fields = await table.getFields();
|
|
715
|
-
let row = { ...req.body };
|
|
716
|
-
if (!row || Object.keys(row).length === 0) {
|
|
717
|
-
const { id } = req.query;
|
|
718
|
-
if (id) row = await table.getRow({ id });
|
|
719
|
-
} else readState(row, fields);
|
|
720
|
-
|
|
721
731
|
if (fieldName.includes(".")) {
|
|
722
732
|
//join field
|
|
723
733
|
const kpath = fieldName.split(".");
|