From 33834a02c244b1dabbe8f9ce0a8fb723d6302821 Mon Sep 17 00:00:00 2001
From: Anton Sattarov <dirty.mew@gmail.com>
Date: Fri, 10 Nov 2023 11:59:47 +0100
Subject: [PATCH] fix

---
 pkg/permission/ruleset.go      | 4 ++--
 pkg/permission/ruleset_test.go | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pkg/permission/ruleset.go b/pkg/permission/ruleset.go
index a915a055..0843afc7 100644
--- a/pkg/permission/ruleset.go
+++ b/pkg/permission/ruleset.go
@@ -127,10 +127,10 @@ func (r Rule) GetPermission(action Action) *Permission {
 			case ActionRead:
 				p.Filter = r.ReadFilter
 				p.UnallowedFields = append(p.UnallowedFields, r.HiddenFields...)
-				p.UnallowedFields = append(p.UnallowedFields, data.Difference(r.WriteonlyFields, r.ReadonlyFields)...)
+				p.UnallowedFields = append(p.UnallowedFields, r.WriteonlyFields...)
 			case ActionCreate, ActionUpdate, ActionDelete:
 				p.Filter = r.WriteFilter
-				p.UnallowedFields = append(p.UnallowedFields, data.Difference(r.ReadonlyFields, r.WriteonlyFields)...)
+				p.UnallowedFields = append(p.UnallowedFields, r.ReadonlyFields...)
 			}
 
 			p.UnallowedFields = data.SetFromSlice(p.UnallowedFields)
diff --git a/pkg/permission/ruleset_test.go b/pkg/permission/ruleset_test.go
index a0575384..175c3626 100644
--- a/pkg/permission/ruleset_test.go
+++ b/pkg/permission/ruleset_test.go
@@ -68,7 +68,7 @@ func TestRule_GetPermission(t *testing.T) {
 			name:            "ActionRead readonly&writeonly",
 			action:          ActionRead,
 			rule:            Rule{Actions: []Action{ActionRead, ActionUpdate}, ReadonlyFields: []string{"f1"}, HiddenFields: []string{"f2"}, WriteonlyFields: []string{"f1"}},
-			unallowedFields: []string{"f2"},
+			unallowedFields: []string{"f1", "f2"},
 		},
 		{
 			name:            "ActionUpdate",
@@ -80,7 +80,7 @@ func TestRule_GetPermission(t *testing.T) {
 			name:            "ActionUpdate readonly&writeonly",
 			action:          ActionUpdate,
 			rule:            Rule{Actions: []Action{ActionRead, ActionUpdate}, ReadonlyFields: []string{"f1"}, HiddenFields: []string{"f2"}, WriteonlyFields: []string{"f1"}},
-			unallowedFields: []string{},
+			unallowedFields: []string{"f1"},
 		},
 	}
 	for _, tt := range tests {
-- 
GitLab