fix: QR-Stempel-Status korrekt – Status vor mid-request commit ermitteln
public_action/auth riefen db.commit() vor _status() auf. SET LOCAL app.bypass_rls gilt nur pro Transaktion; nach dem Commit filterte RLS (mangels app.company_id auf der öffentlichen Route) alle Zeilen weg, sodass open immer False und today leer war. Status jetzt vor dem Commit ermitteln. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -104,9 +104,12 @@ async def public_auth(
|
|||||||
entity_id=user.id,
|
entity_id=user.id,
|
||||||
ip=get_client_ip(request),
|
ip=get_client_ip(request),
|
||||||
))
|
))
|
||||||
|
|
||||||
|
# Status vor dem Commit ermitteln (siehe public_action: commit() setzt
|
||||||
|
# SET LOCAL app.bypass_rls zurück → RLS würde danach alle Zeilen filtern).
|
||||||
|
status = await _status(user, db)
|
||||||
await db.commit()
|
await db.commit()
|
||||||
|
|
||||||
status = await _status(user, db)
|
|
||||||
return PublicStampAuthResponse(
|
return PublicStampAuthResponse(
|
||||||
session_token=session_token,
|
session_token=session_token,
|
||||||
user_name=_display_name(user),
|
user_name=_display_name(user),
|
||||||
@@ -149,7 +152,11 @@ async def public_action(
|
|||||||
entity_id=user.id,
|
entity_id=user.id,
|
||||||
ip=get_client_ip(request),
|
ip=get_client_ip(request),
|
||||||
))
|
))
|
||||||
|
|
||||||
|
# Status VOR dem Commit ermitteln: ein zwischenzeitliches commit() beendet die
|
||||||
|
# Transaktion und setzt `SET LOCAL app.bypass_rls` zurück – danach würde RLS
|
||||||
|
# (mangels app.company_id auf dieser öffentlichen Route) alle Zeilen filtern.
|
||||||
|
status = await _status(user, db)
|
||||||
await db.commit()
|
await db.commit()
|
||||||
|
|
||||||
status = await _status(user, db)
|
|
||||||
return PublicStampActionResponse(warnings=warnings, **status)
|
return PublicStampActionResponse(warnings=warnings, **status)
|
||||||
|
|||||||
Reference in New Issue
Block a user