From 05705327cd35510452b938f79fd9cf3d73407e2d Mon Sep 17 00:00:00 2001
From: Matlink
Date: Sat, 17 Feb 2024 08:22:45 +0100
Subject: [PATCH] fix(groups): query full access via group only when necessary

Co-authored-by: Mathijs van Veluw
---
 src/api/core/organizations.rs | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
index d7730807091..1bb450aa414 100644
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -325,9 +325,7 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
 let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await;
 // check if current user has full access to the organization (either directly or via any group)
- let has_full_access_via_group =
- CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await;
- let has_full_access_to_org = user_org.access_all || has_full_access_via_group;
+ let has_full_access_to_org = user_org.access_all || (CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await);
 for col in Collection::find_by_organization(org_id, &mut conn).await {
 // assigned indicates whether the current user has access to the given collection
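Review bot: The new `has_full_access_to_org` line packs the whole authorization expression into a single statement of well over 100 columns, which rustfmt's default width would reject and which makes the access decision hard to audit at a glance. Breaking it after `user_org.access_all` and again after `CONFIG.org_groups_enabled()`, so that each of the three conditions sits on its own line, keeps the short-circuit order visible. Since that order is the point of the change, a comment such as `// access_all is tested first so the group lookup only runs when it can change the result` above the statement would stop a later edit from reordering the operands and reintroducing the query. The body of get_org_collections_details starts and ends outside the hunk, so how the flag is consumed in the loop is not visible here.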