tomas/pocketbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

disallow client-side filtering and sorting of relations where the collection of the last targeted field has superusers only List/Search API rule

Browse Source
This commit is contained in:
Gani Georgiev
2025-10-23 17:22:47 +03:00
parent 885d907beb
commit 7b6b71e18d
5 changed files with 73 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apis/record_crud.go
+1 -1
View File
@@ -118,7 +118,7 @@ func recordsList(e *core.RequestEvent) error {
len(e.Records) == 0 &&
checkRateLimit(e.RequestEvent, "@pb_list_timing_check_"+collection.Id, listTimingRateLimitRule) != nil {
e.App.Logger().Debug("Randomized throttle because of too many failed searches", "collectionId", collection.Id)
randomizedThrottle(150)
randomizedThrottle(500)
}
return execAfterSuccessTx(true, e.App, func() error {