Revert "refactor: streamline id handling and security checks in runFindTriggers"

EmpiDev · EmpiDev · commit f5acfa04bebd · 2025-08-28T11:09:21.000+02:00
This reverts commit 0d68f26.
diff --git a/src/rest.js b/src/rest.js
@@ -34,6 +34,7 @@ async function runFindTriggers(
   options = {}
 ) {
   const { isGet } = options;
+  
   // Run beforeFind trigger - may modify query or return objects directly
   const result = await triggers.maybeRunQueryTrigger(
     triggers.Types.beforeFind,
@@ -58,18 +59,11 @@ async function runFindTriggers(
 
     // Security check: Re-filter objects if not master to ensure ACL/CLP compliance
     if (!auth?.isMaster && !auth?.isMaintenance) {
-      const inputArray = Array.isArray(objectsFromBeforeFind)
-        ? objectsFromBeforeFind
-        : [objectsFromBeforeFind];
-
-      const ids = inputArray
+      const ids = (Array.isArray(objectsFromBeforeFind) ? objectsFromBeforeFind : [objectsFromBeforeFind])
         .map(o => (o && (o.id || o.objectId)) || null)
         .filter(Boolean);
 
-      // If no valid ids are present, do not return unsanitized data
-      if (ids.length === 0) {
-        objectsForAfterFind = [];
-      } else {
+      if (ids.length > 0) {
         const refilterWhere = isGet ? { objectId: ids[0] } : { objectId: { $in: ids } };
 
         // Re-query with proper security: no triggers to avoid infinite loops
