search

statamic / cms

The core Laravel CMS Composer package
https://statamic.com
Other
3.97k stars 524 forks source link

API resources definition for collections with numeric names do not work #9570

Closed rrelmy closed 7 months ago

rrelmy commented 7 months ago

Bug description

When using fully numeric handles for collections like "2024" the API resource configuration does not work.

The collection is not included when enabling all resources, neither does a specific defintion like "2024" => true work.

Cause

The ResourceAuthorizer checks for numeric keys and swaps the value to the key, allowing configurations like ["pages", "other_collection"] https://github.com/statamic/cms/blob/4.x/src/API/ResourceAuthorizer.php#L47

Workaround

    'resources' => [
        'collections' => [
            "2024" => "2024", // 😏
        ],

Do not use numeric handles :-D

How to reproduce

Logs

No response

Environment

Environment
Application Name: <>
Laravel Version: 10.45.0
PHP Version: 8.3.2
Composer Version: 2.7.1
Environment: local
Debug Mode: ENABLED
URL: localhost:8000
Maintenance Mode: OFF

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: NOT CACHED

Drivers
Broadcasting: null
Cache: statamic
Database: sqlite
Logs: stack / daily
Mail: log
Queue: sync
Session: file

Statamic
Addons: 2
Antlers: runtime
Sites: 2 (Deutsch, English)
Stache Watcher: Enabled
Static Caching: Disabled
Version: 4.49.0 PRO

Statamic Addons
doublethreedigital/runway: 5.6.1
statamic/seo-pro: 5.4.1

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

Runtime (default)

Additional details

I only tested the REST API

duncanmcclean commented 7 months ago

We would probably recommend that you don't use just numbers for collection handles (or any other kind of handle for that matter).