fix

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 · Sep 23, 2024 · e8a3136 · e8a3136
1 parent 7af5441
commit e8a3136
Showing 1 changed file with 13 additions and 13 deletions.
diff --git a/src/server/v2.0/handler/robot.go b/src/server/v2.0/handler/robot.go
@@ -434,20 +434,20 @@ func (rAPI *robotAPI) updateV2Robot(ctx context.Context, params operation.Update
 			return err
 		}
 
-		scRobots, err := rAPI.robotCtl.List(ctx, q.New(q.KeyWords{
-			"name":       strings.TrimPrefix(sc.GetUsername(), config.RobotPrefix(ctx)),
-			"project_id": r.ProjectID,
-		}), &robot.Option{
-			WithPermission: true,
-		})
-		if err != nil {
-			return err
-		}
-		if len(scRobots) == 0 {
-			return errors.DeniedError(nil)
-		}
-
 		if creatorRobot != nil {
+			scRobots, err := rAPI.robotCtl.List(ctx, q.New(q.KeyWords{
+				"name":       strings.TrimPrefix(sc.GetUsername(), config.RobotPrefix(ctx)),
+				"project_id": r.ProjectID,
+			}), &robot.Option{
+				WithPermission: true,
+			})
+			if err != nil {
+				return err
+			}
+			if len(scRobots) == 0 {
+				return errors.DeniedError(nil)
+			}
+
 			if scRobots[0].ID != creatorRobot.ID || scRobots[0].ID != r.ID {
 				return errors.New(nil).WithMessage("as for a nested robot account, only person who has the right permission or the creator robot or nested robot itself has the permission to update").WithCode(errors.DENIED)
 			}