fixed for resource function

2026-05-23 08:58:26 +00:00 · 2024-06-12 14:29:53 +05:30 · 2024-06-12 14:29:53 +05:30 · 2e22a59462
commit 2e22a59462
parent 0af5f94180
3 changed files with 22 additions and 39 deletions
--- a/server/src/modules/permissions/utility/permission-ability.utility.ts
+++ b/server/src/modules/permissions/utility/permission-ability.utility.ts
@ -19,9 +19,8 @@ export function getUserPermissionsQuery(
      organizationId,
    });

-  const resourceTypes = Array.from(new Set(resources.map((item) => item.resource)));
-
  if (resources?.length) {
+    const resourceTypes = Array.from(new Set(resources.map((item) => item.resource)));
    const orConditions = Array.from(resourceTypes)
      .map((resource, index) => `granularPermissions.type = :type${index}`)
      .join(' OR ');
@ -34,10 +33,14 @@ export function getUserPermissionsQuery(
      .andWhere(orConditions, parameters)
      .addSelect(['granularPermissions.isAll', 'granularPermissions.type']);
  }
-  const appsResourcesList = resources.filter((item) => item.resource === TOOLJET_RESOURCE.APP);
-  if (appsResourcesList.length) {
-    addAppsPermissionsTOQuery(query, appsResourcesList);
+
+  if (resources?.length) {
+    const appsResourcesList = resources.filter((item) => item.resource === TOOLJET_RESOURCE.APP);
+    if (appsResourcesList?.length) {
+      addAppsPermissionsTOQuery(query, appsResourcesList);
+    }
  }
+
  return query;
 }

--- a/server/src/services/folders.service.ts
+++ b/server/src/services/folders.service.ts
@ -1,8 +1,7 @@
-import { Injectable, ForbiddenException } from '@nestjs/common';
+import { Injectable } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
 import { App } from 'src/entities/app.entity';
 import { FolderApp } from 'src/entities/folder_app.entity';
-import { UserGroupPermission } from 'src/entities/user_group_permission.entity';
 import { getFolderQuery, viewableAppsQuery } from 'src/helpers/queries';
 import { createQueryBuilder, Repository, UpdateResult } from 'typeorm';
 import { User } from '../../src/entities/user.entity';
@ -159,36 +158,8 @@ export class FoldersService {
    return viewableAppsInFolder;
  }

-  ///change as per new group permissions
  async delete(user: User, id: string) {
    const folder = await this.foldersRepository.findOneOrFail({ id, organizationId: user.organizationId });
-    const allViewableApps = await createQueryBuilder(App, 'apps')
-      .select('apps.id')
-      .innerJoin('apps.groupPermissions', 'group_permissions')
-      .innerJoin('apps.appGroupPermissions', 'app_group_permissions')
-      .innerJoin(
-        UserGroupPermission,
-        'user_group_permissions',
-        'app_group_permissions.group_permission_id = user_group_permissions.group_permission_id'
-      )
-      .where('user_group_permissions.user_id = :userId', { userId: user.id })
-      .andWhere('app_group_permissions.read = :value', { value: true })
-      .orWhere('apps.user_id = :userId', {
-        value: true,
-        organizationId: user.organizationId,
-        userId: user.id,
-      })
-      .getMany();
-
-    const allViewableAppIds = allViewableApps.map((app) => app.id);
-
-    folder.folderApps.map((folderApp: FolderApp) => {
-      if (!allViewableAppIds.includes(folderApp.appId)) {
-        throw new ForbiddenException(
-          'Applications not authorised for you are included in the folder, please contact administrator to remove them and try again'
-        );
-      }
-    });
-    return await this.foldersRepository.delete({ id, organizationId: user.organizationId });
+    return await this.foldersRepository.delete({ id: folder.id, organizationId: user.organizationId });
  }
 }
--- a/server/src/services/permissions-ability.service.ts
+++ b/server/src/services/permissions-ability.service.ts
@ -52,6 +52,8 @@ export class AbilityService {
    if (resources && resources.some((item) => item.resource === TOOLJET_RESOURCE.APP)) {
      userPermissions[TOOLJET_RESOURCE.APP] = this.createUserAppsPermissions(appsGranularPermissions);
    }
+    console.log('printing user permissions');
+    console.log(userPermissions);

    return userPermissions;
  }
@ -60,12 +62,19 @@ export class AbilityService {
    const userAppsPermissions: UserAppsPermissions = appsGranularPermissions.reduce((acc, permission) => {
      const appsPermission = permission?.appsGroupPermissions;
      const groupApps = appsPermission?.groupApps ? appsPermission.groupApps.map((item) => item.appId) : [];
+      console.log('logging');
+      console.log(appsPermission);
+      console.log(groupApps);
+      console.log(acc);
+
      return {
        isAllEditable: acc.isAllEditable || (permission.isAll && appsPermission?.canEdit),
-        editableAppsId: Array.from(new Set([...acc.editableAppsId, ...(appsPermission?.canEdit && groupApps)])),
+        editableAppsId: Array.from(new Set([...acc.editableAppsId, ...(appsPermission?.canEdit ? groupApps : [])])),
        isAllViewable: acc.isAllViewable || (permission.isAll && appsPermission?.canView),
-        viewableAppsId: Array.from(new Set([...acc.viewableAppsId, ...(appsPermission?.canView && groupApps)])),
-        hiddenAppsId: Array.from(new Set([...acc.hiddenAppsId, ...(appsPermission?.hideFromDashboard && groupApps)])),
+        viewableAppsId: Array.from(new Set([...acc.viewableAppsId, ...(appsPermission?.canView ? groupApps : [])])),
+        hiddenAppsId: Array.from(
+          new Set([...acc.hiddenAppsId, ...(appsPermission?.hideFromDashboard ? groupApps : [])])
+        ),
      };
    }, DEFAULT_USER_APPS_PERMISSIONS);
    return userAppsPermissions;