From dcc3c4fabba734da6080a3098749a430d2edc677 Mon Sep 17 00:00:00 2001
From: Tobie Morgan Hitchcock <tobie@surrealdb.com>
Date: Sun, 20 Aug 2023 00:34:41 +0100
Subject: [PATCH] Ensure records can be created correctly when using `INSERT`
 statement (#2466)

---
 lib/src/doc/insert.rs |  2 --
 lib/tests/create.rs   | 59 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+), 2 deletions(-)

diff --git a/lib/src/doc/insert.rs b/lib/src/doc/insert.rs
index 67f12f4e..baed5806 100644
--- a/lib/src/doc/insert.rs
+++ b/lib/src/doc/insert.rs
@@ -17,8 +17,6 @@ impl<'a> Document<'a> {
 		match self.current.doc.is_some() {
 			// Run INSERT clause
 			false => {
-				// Check if allowed
-				self.allow(ctx, opt, txn, stm).await?;
 				// Merge record data
 				self.merge(ctx, opt, txn, stm).await?;
 				// Merge fields data
diff --git a/lib/tests/create.rs b/lib/tests/create.rs
index 42e49821..f72e9d20 100644
--- a/lib/tests/create.rs
+++ b/lib/tests/create.rs
@@ -4,6 +4,7 @@ use surrealdb::dbs::Session;
 use surrealdb::err::Error;
 use surrealdb::iam::Role;
 use surrealdb::kvs::Datastore;
+use surrealdb::sql::Thing;
 use surrealdb::sql::Value;
 
 #[tokio::test]
@@ -135,6 +136,64 @@ async fn create_with_id() -> Result<(), Error> {
 	Ok(())
 }
 
+#[tokio::test]
+async fn create_or_insert_with_permissions() -> Result<(), Error> {
+	let sql = "
+		CREATE user:test;
+		DEFINE TABLE user SCHEMAFULL PERMISSIONS FULL;
+		DEFINE TABLE demo SCHEMAFULL PERMISSIONS FOR select, create, update WHERE user = $auth.id;
+		DEFINE FIELD user ON TABLE demo VALUE $auth.id;
+	";
+	let dbs = Datastore::new("memory").await?.with_auth_enabled(true);
+	let ses = Session::owner().with_ns("test").with_db("test");
+	let res = &mut dbs.execute(sql, &ses, None).await?;
+	assert_eq!(res.len(), 4);
+	//
+	let tmp = res.remove(0).result;
+	assert!(tmp.is_ok());
+	//
+	let tmp = res.remove(0).result;
+	assert!(tmp.is_ok());
+	//
+	let tmp = res.remove(0).result;
+	assert!(tmp.is_ok());
+	//
+	let tmp = res.remove(0).result;
+	assert!(tmp.is_ok());
+	//
+	let sql = "
+		CREATE demo SET id = demo:one;
+		INSERT INTO demo (id) VALUES (demo:two);
+	";
+	let ses = Session::for_scope("test", "test", "test", Thing::from(("user", "test")).into());
+	let res = &mut dbs.execute(sql, &ses, None).await?;
+	assert_eq!(res.len(), 2);
+	//
+	let tmp = res.remove(0).result?;
+	let val = Value::parse(
+		"[
+			{
+				id: demo:one,
+				user: user:test,
+			},
+		]",
+	);
+	assert_eq!(tmp, val);
+	//
+	let tmp = res.remove(0).result?;
+	let val = Value::parse(
+		"[
+			{
+				id: demo:two,
+				user: user:test,
+			},
+		]",
+	);
+	assert_eq!(tmp, val);
+	//
+	Ok(())
+}
+
 #[tokio::test]
 async fn create_on_none_values_with_unique_index() -> Result<(), Error> {
 	let sql = "