From 73f1b223ff0c82edf429d6bd1433f1d60b832e01 Mon Sep 17 00:00:00 2001
From: Gani Georgiev <gani.georgiev@gmail.com>
Date: Wed, 1 Jan 2025 17:19:30 +0200
Subject: [PATCH] directly resolve to null for auth check with missing
 RequestInfo.Auth field

---
 core/record_field_resolver.go        | 2 +-
 core/record_field_resolver_runner.go | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/record_field_resolver.go b/core/record_field_resolver.go
index 7efc9915..9af0d640 100644
--- a/core/record_field_resolver.go
+++ b/core/record_field_resolver.go
@@ -215,7 +215,7 @@ func (r *RecordFieldResolver) resolveStaticRequestField(path ...string) (*search
 		resultVal = val
 	}
 
-	placeholder := "f" + security.PseudorandomString(6)
+	placeholder := "f" + security.PseudorandomString(8)
 
 	if modifier == lowerModifier {
 		return &search.ResolverResult{
diff --git a/core/record_field_resolver_runner.go b/core/record_field_resolver_runner.go
index c67cfe4d..89af528e 100644
--- a/core/record_field_resolver_runner.go
+++ b/core/record_field_resolver_runner.go
@@ -197,6 +197,10 @@ func (r *runner) processCollectionField() (*search.ResolverResult, error) {
 }
 
 func (r *runner) processRequestAuthField() (*search.ResolverResult, error) {
+	if r.resolver.requestInfo == nil || r.resolver.requestInfo.Auth == nil || r.resolver.requestInfo.Auth.Collection() == nil {
+		return &search.ResolverResult{Identifier: "NULL"}, nil
+	}
+
 	// plain auth field
 	// ---
 	if _, ok := plainRequestAuthFields[r.fieldName]; ok {
@@ -205,10 +209,6 @@ func (r *runner) processRequestAuthField() (*search.ResolverResult, error) {
 
 	// resolve the auth collection field
 	// ---
-	if r.resolver.requestInfo == nil || r.resolver.requestInfo.Auth == nil || r.resolver.requestInfo.Auth.Collection() == nil {
-		return &search.ResolverResult{Identifier: "NULL"}, nil
-	}
-
 	collection := r.resolver.requestInfo.Auth.Collection()
 
 	r.activeCollectionName = collection.Name