Fix access control check in $search() function
This commit is contained in:
Travis Briggs
parent
0caec9841b
commit
a22f232ae3
1 changed files with 1 additions and 1 deletions
|
|
@ -1162,7 +1162,7 @@ def funcparser_callable_search(*args, caller=None, access="control", **kwargs):
|
||||||
)
|
)
|
||||||
|
|
||||||
for target in targets:
|
for target in targets:
|
||||||
if not target.access(caller, target, access):
|
if not target.access(caller, access):
|
||||||
raise ParsingError("$search Cannot add found entity - access failure.")
|
raise ParsingError("$search Cannot add found entity - access failure.")
|
||||||
|
|
||||||
return list(targets) if return_list else targets[0]
|
return list(targets) if return_list else targets[0]
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue