From f1827722ab83bfa48d0baf6ef72013a61b921f57 Mon Sep 17 00:00:00 2001
From: kriks7iitk <kriks.iitk@gmail.com>
Date: Thu, 18 Jul 2024 14:14:06 +0530
Subject: [PATCH] group name default group issue

---
 .../constants/group-permissions.constant.ts                | 1 +
 .../utility/group-permissions.utility.ts                   | 7 ++++++-
 server/src/services/permissions-ability.service.ts         | 4 ++--
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/server/src/modules/user_resource_permissions/constants/group-permissions.constant.ts b/server/src/modules/user_resource_permissions/constants/group-permissions.constant.ts
index eff5ce2bba..abeaf2efc7 100644
--- a/server/src/modules/user_resource_permissions/constants/group-permissions.constant.ts
+++ b/server/src/modules/user_resource_permissions/constants/group-permissions.constant.ts
@@ -102,6 +102,7 @@ export const DEFAULT_GROUP_PERMISSIONS_MIGRATIONS = {
 
 export const ERROR_HANDLER = {
   GROUP_NOT_EXIST: "Group doesn't exist",
+  RESERVED_KEYWORDS_FOR_GROUP_NAME: 'Group name cannot be same as reserved keywords',
   DEFAULT_GROUP_NAME: 'Name cannot be same as user default group',
   DEFAULT_GROUP_NAME_UPDATE: 'Not allowed to change default group name',
   DEFAULT_GROUP_NAME_DELETE: 'Not allowed to delete default group',
diff --git a/server/src/modules/user_resource_permissions/utility/group-permissions.utility.ts b/server/src/modules/user_resource_permissions/utility/group-permissions.utility.ts
index a3534fa0e6..d8775aeab5 100644
--- a/server/src/modules/user_resource_permissions/utility/group-permissions.utility.ts
+++ b/server/src/modules/user_resource_permissions/utility/group-permissions.utility.ts
@@ -135,7 +135,12 @@ export function getAllUserGroupsQuery(
 }
 
 export function validateCreateGroupOperation(createGroupPermissionDto: CreateGroupPermissionDto) {
-  if (createGroupPermissionDto.name in USER_ROLE) throw new BadRequestException(ERROR_HANDLER.DEFAULT_GROUP_NAME);
+  const humanizeList = ['End-user', 'Builder', 'Admin'];
+  if (humanizeList.includes(createGroupPermissionDto.name))
+    throw new BadRequestException(ERROR_HANDLER.DEFAULT_GROUP_NAME);
+
+  if (Object.values(USER_ROLE).includes(createGroupPermissionDto.name as USER_ROLE))
+    throw new BadRequestException(ERROR_HANDLER.RESERVED_KEYWORDS_FOR_GROUP_NAME);
 }
 
 export function addableUsersToGroupQuery(
diff --git a/server/src/services/permissions-ability.service.ts b/server/src/services/permissions-ability.service.ts
index b87847f725..681ba7f5b5 100644
--- a/server/src/services/permissions-ability.service.ts
+++ b/server/src/services/permissions-ability.service.ts
@@ -16,7 +16,7 @@ import {
 import { GranularPermissions } from 'src/entities/granular_permissions.entity';
 import { TOOLJET_RESOURCE } from 'src/constants/global.constant';
 import { getUserPermissionsQuery } from '@module/permissions/utility/permission-ability.utility';
-import { App } from 'src/entities/app.entity';
+import { AppBase } from 'src/entities/app_base.entity';
 
 @Injectable()
 export class AbilityService {
@@ -88,7 +88,7 @@ export class AbilityService {
     });
 
     await dbTransactionWrap(async (manager: EntityManager) => {
-      const appsOwnedByUser = await manager.find(App, {
+      const appsOwnedByUser = await manager.find(AppBase, {
         where: { userId: user.id, organizationId: user.organizationId },
       });