Fix managers and groups link

This PR should fix the managers and group link. Although i think there might be a cleaner sollution, there are a lot of other items to fix here which we should do in time. But for now, with theh group support already merged, this fix should at least help solving issue #2932. Fixes #2932
2025-09-10 10:45:57 +03:00 · 2022-12-02 17:39:19 +01:00
parent 1b56f4266b
commit 142f7bb50d
2 changed files with 36 additions and 11 deletions
--- a/src/db/models/collection.rs
+++ b/src/db/models/collection.rs
@@ -167,15 +167,15 @@ impl Collection {
                    users_collections::user_uuid.eq(user_uuid.clone())
                )
            ))
-            .left_join(users_organizations::table.on(
+            .inner_join(users_organizations::table.on(
                collections::org_uuid.eq(users_organizations::org_uuid).and(
                    users_organizations::user_uuid.eq(user_uuid.clone())
                )
            ))
-            .left_join(groups_users::table.on(
+            .inner_join(groups_users::table.on(
                groups_users::users_organizations_uuid.eq(users_organizations::uuid)
            ))
-            .left_join(groups::table.on(
+            .inner_join(groups::table.on(
                groups::uuid.eq(groups_users::groups_uuid)
            ))
            .left_join(collections_groups::table.on(
@@ -203,6 +203,17 @@ impl Collection {
        }}
    }

+    // Check if a user has access to a specific collection
+    // FIXME: This needs to be reviewed. The query used by `find_by_user_uuid` could be adjusted to filter when needed.
+    //        For now this is a good solution without making to much changes.
+    pub async fn has_access_by_collection_and_user_uuid(
+        collection_uuid: &str,
+        user_uuid: &str,
+        conn: &mut DbConn,
+    ) -> bool {
+        Self::find_by_user_uuid(user_uuid.to_owned(), conn).await.into_iter().any(|c| c.uuid == collection_uuid)
+    }
+
    pub async fn find_by_organization_and_user_uuid(org_uuid: &str, user_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
        Self::find_by_user_uuid(user_uuid.to_owned(), conn)
            .await
@@ -241,16 +252,32 @@ impl Collection {
                    users_collections::user_uuid.eq(user_uuid.clone())
                )
            ))
-            .left_join(users_organizations::table.on(
+            .inner_join(users_organizations::table.on(
                collections::org_uuid.eq(users_organizations::org_uuid).and(
                    users_organizations::user_uuid.eq(user_uuid)
                )
            ))
+            .inner_join(groups_users::table.on(
+                groups_users::users_organizations_uuid.eq(users_organizations::uuid)
+            ))
+            .inner_join(groups::table.on(
+                groups::uuid.eq(groups_users::groups_uuid)
+            ))
+            .left_join(collections_groups::table.on(
+                collections_groups::groups_uuid.eq(groups_users::groups_uuid).and(
+                    collections_groups::collections_uuid.eq(collections::uuid)
+                )
+            ))
            .filter(collections::uuid.eq(uuid))
            .filter(
                users_collections::collection_uuid.eq(uuid).or( // Directly accessed collection
                    users_organizations::access_all.eq(true).or( // access_all in Organization
                        users_organizations::atype.le(UserOrgType::Admin as i32) // Org admin or owner
+                )).or(
+                    groups::access_all.eq(true) // access_all in groups
+                ).or( // access via groups
+                    groups_users::users_organizations_uuid.eq(users_organizations::uuid).and(
+                        collections_groups::collections_uuid.is_not_null()
                    )
                )
            ).select(collections::all_columns)