From 3ecb0e9d960b57e74fa32d46ac2c1d05a4bc633b Mon Sep 17 00:00:00 2001
From: mr <mr>
Date: Wed, 19 Feb 2025 11:41:52 +0100
Subject: [PATCH] set up auth for workspace

---
 models/resources/resource.go | 2 +-
 models/utils/abstracts.go    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/models/resources/resource.go b/models/resources/resource.go
index 1a54a8e..29386d6 100644
--- a/models/resources/resource.go
+++ b/models/resources/resource.go
@@ -89,7 +89,7 @@ func (r *AbstractInstanciatedResource[T]) GetSelectedInstance() utils.DBObject {
 }
 
 func (abs *AbstractInstanciatedResource[T]) SetAllowedInstances(request *tools.APIRequest) {
-	if request != nil && request.PeerID == abs.CreatorID {
+	if request != nil && request.PeerID == abs.CreatorID && request.PeerID != "" {
 		return
 	}
 	abs.Instances = verifyAuthAction[T](abs.Instances, request)
diff --git a/models/utils/abstracts.go b/models/utils/abstracts.go
index 9c349b1..81606ad 100644
--- a/models/utils/abstracts.go
+++ b/models/utils/abstracts.go
@@ -91,7 +91,7 @@ func (ao *AbstractObject) UpToDate(user string, peer string, create bool) {
 }
 
 func (ao *AbstractObject) VerifyAuth(request *tools.APIRequest) bool {
-	return ao.AccessMode == Public || (request != nil && ao.CreatorID == request.PeerID)
+	return ao.AccessMode == Public || (request != nil && ao.CreatorID == request.PeerID && request.PeerID != "")
 }
 
 func (ao *AbstractObject) GetObjectFilters(search string) *dbs.Filters {