Fix issue when user is manager and in a group having access to all co…

…llections
dani-garcia · Aug 5, 2023 · d282b32 · d282b32
1 parent e4378f0
commit d282b32
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 2 deletions.
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -323,6 +323,8 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
     };
 
     let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await;
+    // uuids of users in groups having access to all collections
+    let all_access_group_uuids = GroupUser::get_all_access_group_users_uuid(org_id, &mut conn).await;
 
     for col in Collection::find_by_organization(org_id, &mut conn).await {
         let groups: Vec<Value> = if CONFIG.org_groups_enabled() {
@@ -356,8 +358,8 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
             })
             .collect();
 
-        // if current user is in any collection-assigned group
-        if group_users.contains(&user_org.uuid) {
+        // if current user is in any collection-assigned group or in a group having access to all collections
+        if group_users.contains(&user_org.uuid) || all_access_group_uuids.contains(&user_org.uuid) {
             assigned = true;
         }
 

diff --git a/src/db/models/group.rs b/src/db/models/group.rs
@@ -503,6 +503,22 @@ impl GroupUser {
         .collect()
     }
 
+    pub async fn get_all_access_group_users_uuid(org_uuid: &str, conn: &mut DbConn) -> HashSet<String> {
+        db_run! { conn: {
+            groups_users::table
+                .inner_join(groups::table.on(
+                    groups::uuid.eq(groups_users::groups_uuid)
+                ))
+                .filter(groups::organizations_uuid.eq(org_uuid))
+                .filter(groups::access_all.eq(true))
+                .select(groups_users::users_organizations_uuid)
+                .load::<String>(conn)
+                .expect("Error loading all access group users for organization")
+        }}
+        .into_iter()
+        .collect()
+    }
+
     pub async fn update_user_revision(&self, conn: &mut DbConn) {
         match UserOrganization::find_by_uuid(&self.users_organizations_uuid, conn).await {
             Some(user) => User::update_uuid_revision(&user.user_uuid, conn).await,