lgcosta/paperless-ngx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: dont overwrite permissions with non-json patch requests

Browse Source 
Update serialisers.py
This commit is contained in:
shamoon
2025-03-13 21:43:33 -07:00
parent 7146a5f4fc
commit 2f02142651
2 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/documents/serialisers.py
View File

@@ -226,7 +226,11 @@ class SerializerWithPerms(serializers.Serializer):
},
)
class SetPermissionsSerializer(serializers.DictField):
pass
def validate_empty_values(self, data: dict | None):
if data is fields.empty or (data is not None and len(data) == 0):
# allow empty but skip the field to prevent overwriting permissions
raise fields.SkipField
return super().validate_empty_values(data)
class OwnedObjectSerializer(