From 63eb346a4a81a965ddc2f99d06ce7dafa382ea03 Mon Sep 17 00:00:00 2001
From: Denis Arh <denis.arh@gmail.com>
Date: Fri, 27 Mar 2020 12:46:58 +0100
Subject: [PATCH] Fix server script security

Security params must be processed before procesing iterator
---
 pkg/corredor/service.go | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/pkg/corredor/service.go b/pkg/corredor/service.go
index 0179105bf..0b8fe096c 100644
--- a/pkg/corredor/service.go
+++ b/pkg/corredor/service.go
@@ -449,6 +449,15 @@ func (svc *service) registerServerScripts(ss ...*ServerScript) {
 			Iterator:    script.Iterator,
 		}
 
+		if len(s.Errors) == 0 {
+			if sec, rr, err := svc.serverScriptSecurity(script); err != nil {
+				s.Errors = append(s.Errors, err.Error())
+			} else {
+				s.Security = sec
+				svc.permissions = append(svc.permissions, rr...)
+			}
+		}
+
 		// Corredor can (by design) serve us script with errors (load, parse time) and
 		// they need to be ignored by security, trigger, iterator handlers
 		if len(s.Errors) == 0 {
@@ -468,15 +477,6 @@ func (svc *service) registerServerScripts(ss ...*ServerScript) {
 			}
 		}
 
-		if len(s.Errors) == 0 {
-			if sec, rr, err := svc.serverScriptSecurity(script); err != nil {
-				s.Errors = append(s.Errors, err.Error())
-			} else {
-				s.Security = sec
-				svc.permissions = append(svc.permissions, rr...)
-			}
-		}
-
 		if len(s.Errors) == 0 {
 			svc.log.Debug(
 				"script registered",