From 05256e7ec811ac6985b0944860e58d1b862d1d7b Mon Sep 17 00:00:00 2001
From: Diana Sindrilaru <diana.sindrilaru@binarcode.com>
Date: Fri, 27 Aug 2021 10:14:53 +0300
Subject: [PATCH 1/2] Prevent action handlers from being called when iterating
 over non-actionable fields

---
 src/Fields/Concerns/HasAction.php |  2 +-
 src/Fields/Field.php              | 48 ++++++++++---------------------
 src/Repositories/Repository.php   | 14 +++++++++
 3 files changed, 30 insertions(+), 34 deletions(-)

diff --git a/src/Fields/Concerns/HasAction.php b/src/Fields/Concerns/HasAction.php
index c91f1c7ed..26db6ed9f 100644
--- a/src/Fields/Concerns/HasAction.php
+++ b/src/Fields/Concerns/HasAction.php
@@ -6,7 +6,7 @@
 
 trait HasAction
 {
-    protected ?Action $actionHandler = null;
+    public ?Action $actionHandler = null;
 
     public function action(Action $action): self
     {
diff --git a/src/Fields/Field.php b/src/Fields/Field.php
index 1d37f803c..c22f3fa43 100644
--- a/src/Fields/Field.php
+++ b/src/Fields/Field.php
@@ -649,41 +649,23 @@ public function afterStore(Closure $callback)
 
     public function invokeAfter(RestifyRequest $request, Model $model): void
     {
-        if ($request->isStoreRequest()) {
-            $request->repository()
-                ->collectFields($request)
-                ->forStore($request, $request->repository())
-                ->withActions($request, $this)
-                ->authorizedStore($request)
-                ->each(fn (Field $field) => $field->actionHandler->handle($request, $model));
-
-            if (is_callable($this->afterStoreCallback)) {
-                call_user_func(
-                    $this->afterStoreCallback,
-                    data_get($model, $this->attribute),
-                    $model,
-                    $request
-                );
-            }
+        if ($request->isStoreRequest() && is_callable($this->afterStoreCallback)) {
+            call_user_func(
+                $this->afterStoreCallback,
+                data_get($model, $this->attribute),
+                $model,
+                $request
+            );
         }
 
-        if ($request->isUpdateRequest()) {
-            $request->repository()
-                ->collectFields($request)
-                ->forUpdate($request, $request->repository())
-                ->withActions($request, $this)
-                ->authorizedUpdate($request)
-                ->each(fn (Field $field) => $field->actionHandler->handle($request, $model));
-
-            if (is_callable($this->afterUpdateCallback)) {
-                call_user_func(
-                    $this->afterUpdateCallback,
-                    $this->resolveAttribute($model, $this->attribute),
-                    $this->valueBeforeUpdate,
-                    $model,
-                    $request
-                );
-            }
+        if ($request->isUpdateRequest() && is_callable($this->afterUpdateCallback)) {
+            call_user_func(
+                $this->afterUpdateCallback,
+                $this->resolveAttribute($model, $this->attribute),
+                $this->valueBeforeUpdate,
+                $model,
+                $request
+            );
         }
     }
 
diff --git a/src/Repositories/Repository.php b/src/Repositories/Repository.php
index cb4650f64..a9c9e40fb 100644
--- a/src/Repositories/Repository.php
+++ b/src/Repositories/Repository.php
@@ -635,6 +635,13 @@ public function store(RestifyRequest $request)
             }
 
             $fields->each(fn (Field $field) => $field->invokeAfter($request, $this->resource));
+
+            $request->repository()
+                ->collectFields($request)
+                ->forStore($request, $request->repository())
+                ->withActions($request, $this)
+                ->authorizedStore($request)
+                ->each(fn (Field $field) => $field->actionHandler->handle($request, $this->resource));
         });
 
         static::stored($this->resource, $request);
@@ -702,6 +709,13 @@ public function update(RestifyRequest $request, $repositoryId)
             fn (Field $field) => $field->invokeAfter($request, $this->resource)
         );
 
+        $request->repository()
+            ->collectFields($request)
+            ->forUpdate($request, $request->repository())
+            ->withActions($request, $this)
+            ->authorizedUpdate($request)
+            ->each(fn (Field $field) => $field->actionHandler->handle($request, $this->resource));
+
         return $this->response()
             ->data($this->serializeForShow($request))
             ->success();

From c71dd02e26801fefbe8148503673bb0a0f2be3b7 Mon Sep 17 00:00:00 2001
From: Diana Sindrilaru <diana.sindrilaru@binarcode.com>
Date: Fri, 27 Aug 2021 10:55:43 +0300
Subject: [PATCH 2/2] Replacement fix

---
 src/Repositories/Repository.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Repositories/Repository.php b/src/Repositories/Repository.php
index a9c9e40fb..0d15f6480 100644
--- a/src/Repositories/Repository.php
+++ b/src/Repositories/Repository.php
@@ -638,7 +638,7 @@ public function store(RestifyRequest $request)
 
             $request->repository()
                 ->collectFields($request)
-                ->forStore($request, $request->repository())
+                ->forStore($request, $this)
                 ->withActions($request, $this)
                 ->authorizedStore($request)
                 ->each(fn (Field $field) => $field->actionHandler->handle($request, $this->resource));
@@ -711,7 +711,7 @@ public function update(RestifyRequest $request, $repositoryId)
 
         $request->repository()
             ->collectFields($request)
-            ->forUpdate($request, $request->repository())
+            ->forUpdate($request, $this)
             ->withActions($request, $this)
             ->authorizedUpdate($request)
             ->each(fn (Field $field) => $field->actionHandler->handle($request, $this->resource));