Skip to content

bug: Update Service not respect run field #21

New issue
New issue
Open
Open
bug: Update Service not respect run field#21
@ho-229

Description

@ho-229
ho-229
opened on Aug 23, 2025

Describe the bug

When updating a service, the run field is not being respected.

Steps to Reproduce

  1. Create a service with specific run permissions.
curl -X POST \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-awesome-service",
    "code": "export default async function handler(req) {\n  const url = new URL(req.url);\n  return new Response(JSON.stringify({\n    message: \"Hello from my awesome service!\",\n    method: req.method,\n    path: url.pathname,\n    timestamp: new Date().toISOString()\n  }), {\n    status: 200,\n    headers: { \"Content-Type\": \"application/json\" }\n  });\n}",
    "enabled": true,
    "jwt_check": false,
    "permissions": {
      "read": [],
      "write": [],
      "env": [],
      "run": ["/"]
    },
    "schema": "{\"openapi\":\"3.0.0\",\"info\":{\"title\":\"My Awesome Service\",\"version\":\"1.0.0\"}}"
  }' \
  http://localhost:8000/admin-api/v2/services
  1. Update the service with modifying the run field.
curl -X PUT \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-awesome-service",
    "code": "export default async function handler(req) {\n  const url = new URL(req.url);\n  return new Response(JSON.stringify({\n    message: \"Hello from my awesome service!\",\n    method: req.method,\n    path: url.pathname,\n    timestamp: new Date().toISOString()\n  }), {\n    status: 200,\n    headers: { \"Content-Type\": \"application/json\" }\n  });\n}",
    "enabled": true,
    "jwt_check": false,
    "permissions": {
      "read": [],
      "write": [],
      "env": [],
      "run": ["/new-path"]
    },
    "schema": "{\"openapi\":\"3.0.0\",\"info\":{\"title\":\"My Awesome Service\",\"version\":\"1.0.0\"}}"
  }' \
  http://localhost:8000/admin-api/v2/services/my-awesome-service
  1. Get the service details.
curl -X GET \
  -H "Authorization: Bearer $JWT_TOKEN" \
  http://localhost:8000/admin-api/v2/services/my-awesome-service
{
    "name": "my-awesome-service",
    "code": "export default async function handler(req) {\n  const url = new URL(req.url);\n  return new Response(JSON.stringify({\n    message: \"Hello from my awesome service!\",\n    method: req.method,\n    path: url.pathname,\n    timestamp: new Date().toISOString()\n  }), {\n    status: 200,\n    headers: { \"Content-Type\": \"application/json\" }\n  });\n}",
    "enabled": true,
    "jwt_check": false,
    "permissions": {
      "read": [],
      "write": [],
      "env": [],
      "run": ["/"]
    },
    "schema": "{\"openapi\":\"3.0.0\",\"info\":{\"title\":\"My Awesome Service\",\"version\":\"1.0.0\"}}"
}

Expected Behavior

The run field should be respected.

Additional Context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions