fix(groups): query full access via group only when necessary

Co-authored-by: Mathijs van Veluw <[email protected]>
dani-garcia · Feb 17, 2024 · 0570532 · 0570532
1 parent dba2967
commit 0570532
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -325,9 +325,7 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
     let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await;
 
     // check if current user has full access to the organization (either directly or via any group)
-    let has_full_access_via_group =
-        CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await;
-    let has_full_access_to_org = user_org.access_all || has_full_access_via_group;
+    let has_full_access_to_org = user_org.access_all || (CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await);
 
     for col in Collection::find_by_organization(org_id, &mut conn).await {
         // assigned indicates whether the current user has access to the given collection