mirror of
https://github.com/penpot/penpot.git
synced 2026-04-27 20:28:11 +00:00
ea265da1f3
`library.connectLibrary()` declared its permission check **outside** the `js/Promise.` wrapper, so when a plugin without `library:write` permission called `await library.connectLibrary(id)` the method did not return a `Promise` at all: - With the default `throwValidationErrors` flag off → `u/not-valid` logs to console and returns `nil`. `await nil` resolves to `nil`, so the plugin sees a "successful" result and crashes later when it tries to use methods on what it thinks is a `LibraryProxy`. - With `throwValidationErrors` on → `u/not-valid` throws synchronously, so the caller gets a thrown exception instead of a rejected promise — inconsistent with every other `library:*` / `content:*` method which always returns a Promise that rejects via `reject-not-valid`. Additionally, the in-Promise `(not (string? library-id))` branch used `(reject nil)` — the plugin got a rejected Promise but with no error message. Move the permission check inside the Promise constructor and replace both validation errors with `u/reject-not-valid`, matching the pattern used by the sibling methods `restore`, `remove`, `pin`, `saveVersion`, `findVersions` in `frontend/src/app/plugins/file.cljs` and every other promise-returning plugin method. No new imports. Also add a CHANGES.md entry under the 2.17.0 Unreleased bugs-fixed section. Signed-off-by: Andrey Antukh <niwi@niwi.nz> Co-authored-by: Andrey Antukh <niwi@niwi.nz>