fix regression

dr3mro · Dec 18, 2024 · 373945c · 373945c
1 parent 4e8e024
commit 373945c
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/src/entities/base/entity.hpp b/src/entities/base/entity.hpp
@@ -44,7 +44,7 @@ class Entity : public Base
             std::string columns = fmt::format("{}", fmt::join(keys_arr, ","));
             std::string values  = fmt::format("'{}'", fmt::join(values_arr, "','"));
 
-            query = fmt::format("INSERT INTO {} ({}) VALUES ({}) RETURNING id;", tablename, columns, values);
+            query = fmt::format("INSERT INTO {} ({}) VALUES ({}) RETURNING *;", tablename, columns, values);
         }
         catch (const std::exception &e)
         {
@@ -101,7 +101,7 @@ class Entity : public Base
                 }
             }
 
-            query = fmt::format("UPDATE {} set {} WHERE id={} returning id;", tablename, update_column_values, id.value());
+            query = fmt::format("UPDATE {} set {} WHERE id={} returning *;", tablename, update_column_values, id.value());
         }
         catch (const std::exception &e)
         {

diff --git a/src/gatekeeper/permissionmanager/permissionmanager_private.cpp b/src/gatekeeper/permissionmanager/permissionmanager_private.cpp
@@ -159,11 +159,15 @@ bool api::v2::PermissionManagerPrivate::preServiceCreateChecks(const Requester&
 bool api::v2::PermissionManagerPrivate::isOwnerOrAdminOrHasPermission(
     const Requester& requester, const std::optional<jsoncons::json>& permissions_j, const std::string& service_name, Http::Error& error)
 {
-    if (!this->isOwnerOrAdmin(requester, permissions_j, service_name, error) ||
-        !this->hasPermission(requester, permissions_j, Permissions::PowerLevel::CAN_DELETE, service_name, error))
+    if (this->isOwnerOrAdmin(requester, permissions_j, service_name, error))
+    {
+        return true;
+    }
+
+    if (!this->hasPermission(requester, permissions_j, Permissions::PowerLevel::CAN_DELETE, service_name, error))
     {
         error.code    = Http::Status::FORBIDDEN;
-        error.message = fmt::format("You don't have the permission to delete  {} {}", service_name, error.message);
+        error.message = fmt::format("You don't have the permission to manage  {} {}", service_name, error.message);
         return false;
     }
     return true;