From 98b1d871508bd187c2b520fdf6dd22ca53eb5881 Mon Sep 17 00:00:00 2001
From: Jared <translucency@outlook.com>
Date: Fri, 4 Dec 2020 12:33:36 -0800
Subject: [PATCH] Fix device filtering.

---
 Server/Services/DataService.cs | 35 ++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/Server/Services/DataService.cs b/Server/Services/DataService.cs
index 2292944c4..fcedb9054 100644
--- a/Server/Services/DataService.cs
+++ b/Server/Services/DataService.cs
@@ -580,7 +580,7 @@ public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUse
                     device.ID == deviceID &&
                     (
                         remotelyUser.IsAdministrator ||
-                        device.DeviceGroup.PermissionLinks.Count == 0 ||
+                        string.IsNullOrWhiteSpace(device.DeviceGroupID) ||
                         device.DeviceGroup.PermissionLinks.Any(permission => permission.UserID == remotelyUser.Id
                     )));
         }
@@ -616,18 +616,24 @@ public string[] FilterUsersByDevicePermission(IEnumerable<string> userIDs, strin
                 .ThenInclude(x => x.PermissionLinks)
                 .FirstOrDefault(x => x.ID == deviceID);
 
+            var orgUsers = RemotelyContext.Users
+                .Where(user =>
+                    user.OrganizationID == device.OrganizationID &&
+                    userIDs.Contains(user.Id));
+
+            if (string.IsNullOrWhiteSpace(device.DeviceGroupID))
+            {
+                return orgUsers
+                    .Select(x => x.Id)
+                    .ToArray();
+            }
+
             var allowedUsers = device?.DeviceGroup?.PermissionLinks?.Select(x => x.UserID) ?? Array.Empty<string>();
 
-            return RemotelyContext.Users
-                .Include(x => x.PermissionLinks)
+            return orgUsers
                 .Where(user =>
-                    user.OrganizationID == device.OrganizationID &&
-                    userIDs.Contains(user.Id) &&
-                    (
-                        user.IsAdministrator ||
-                        allowedUsers.Any() ||
-                        allowedUsers.Contains(user.Id)
-                    )
+                    user.IsAdministrator ||
+                    allowedUsers.Contains(user.Id)
                 )
                 .Select(x => x.Id)
                 .ToArray();
@@ -748,6 +754,7 @@ public IEnumerable<DeviceGroup> GetDeviceGroups(string username)
             {
                 return null;
             }
+            var userId = user.Id;
 
             return RemotelyContext.DeviceGroups
                 .Include(x => x.PermissionLinks)
@@ -757,7 +764,7 @@ public IEnumerable<DeviceGroup> GetDeviceGroups(string username)
                     (
                         user.IsAdministrator ||
                         x.PermissionLinks.Count == 0 ||
-                        x.PermissionLinks.Any(x => x.UserID == user.Id)
+                        x.PermissionLinks.Any(x => x.UserID == userId)
                     )
                 )
                 .OrderBy(x => x.Name) ?? Enumerable.Empty<DeviceGroup>();
@@ -775,9 +782,9 @@ public IEnumerable<Device> GetDevicesForUser(string userName)
                     x.OrganizationID == user.OrganizationID &&
                     (
                         user.IsAdministrator ||
-                        x.DeviceGroup.PermissionLinks.Count == 0 ||
-                        x.DeviceGroup.PermissionLinks.Any(permission => permission.UserID == userID
-                    )));
+                        string.IsNullOrWhiteSpace(x.DeviceGroupID)||
+                        x.DeviceGroup.PermissionLinks.Any(permission => permission.UserID == userID)
+                    ));
         }
 
         public IEnumerable<EventLog> GetEventLogs(string userName, DateTimeOffset from, DateTimeOffset to, EventType? type, string message)