Fix js_authorizer() validation for bad rules

penberg · penberg · commit 086560ef9a37 · 2025-04-23T13:02:39.000+03:00
diff --git a/src/database.rs b/src/database.rs
@@ -393,6 +393,11 @@ impl Database {
             } else if value == 1 {
                 // Authorization.DENY
                 auth.deny(&key);
+            } else {
+                return cx.throw_error(format!(
+                    "Invalid authorization rule value '{}' for table '{}'. Expected 0 (ALLOW) or 1 (DENY).",
+                    value, key
+                ));
             }
         }
         let auth = auth.build();

Original file line number	Diff line number	Diff line change
`@@ -393,6 +393,11 @@ impl Database {`
`393`	`393`	`} else if value == 1 {`
`394`	`394`	`// Authorization.DENY`
`395`	`395`	`auth.deny(&key);`
	`396`	`+ } else {`
	`397`	`+ return cx.throw_error(format!(`
	`398`	`+ "Invalid authorization rule value '{}' for table '{}'. Expected 0 (ALLOW) or 1 (DENY).",`
	`399`	`+ value, key`
	`400`	`+ ));`
`396`	`401`	`}`
`397`	`402`	`}`
`398`	`403`	`let auth = auth.build();`