From bcbffbc8b2af0e5c37b4a27fb84d5a7ae72ed629 Mon Sep 17 00:00:00 2001
From: katherinehhh <katherine_15995@163.com>
Date: Wed, 12 Mar 2025 22:38:28 +0800
Subject: [PATCH] fix: custom request server-side permission validation error

---
 .../plugin-action-custom-request/src/server/actions/send.ts  | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/packages/plugins/@nocobase/plugin-action-custom-request/src/server/actions/send.ts b/packages/plugins/@nocobase/plugin-action-custom-request/src/server/actions/send.ts
index 240f52e08b..c44e1f6c99 100644
--- a/packages/plugins/@nocobase/plugin-action-custom-request/src/server/actions/send.ts
+++ b/packages/plugins/@nocobase/plugin-action-custom-request/src/server/actions/send.ts
@@ -77,13 +77,12 @@ export async function send(this: CustomRequestPlugin, ctx: Context, next: Next)
 
   // root role has all permissions
   if (ctx.state.currentRole !== 'root') {
-    const crRepo = ctx.db.getRepository('customRequestsRoles');
+    const crRepo = ctx.db.getRepository('uiButtonSchemasRoles');
     const hasRoles = await crRepo.find({
       filter: {
-        customRequestKey: filterByTk,
+        uid: filterByTk,
       },
     });
-
     if (hasRoles.length) {
       if (!hasRoles.find((item) => item.roleName === ctx.state.currentRole)) {
         return ctx.throw(403, 'custom request no permission');