From 6040113be97adf868cfb892e4be3e5efba7f4a88 Mon Sep 17 00:00:00 2001 From: Frederik Christ Vestergaard Date: Wed, 5 Jul 2023 08:27:03 +0200 Subject: [PATCH 1/3] Fixed permission fetching --- .../user-management/permission.controller.ts | 21 ++++++++++++------- src/entities/dto/list-all-permissions.dto.ts | 2 +- .../user-management/permission.service.ts | 11 +++++----- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/src/controllers/user-management/permission.controller.ts b/src/controllers/user-management/permission.controller.ts index 982c0edb..36f402db 100644 --- a/src/controllers/user-management/permission.controller.ts +++ b/src/controllers/user-management/permission.controller.ts @@ -112,7 +112,7 @@ export class PermissionController { const permissions = await this.permissionService.findOneWithRelations( dto.organizationId - ); + ); const org: Organization = this.organizationService.mapPermissionsToOneOrganization( permissions @@ -127,7 +127,11 @@ export class PermissionController { } } - const resultUser = await this.userService.acceptUser(user, org, newUserPermissions); + const resultUser = await this.userService.acceptUser( + user, + org, + newUserPermissions + ); AuditLog.success( ActionType.UPDATE, @@ -221,11 +225,14 @@ export class PermissionController { if (req.user.permissions.isGlobalAdmin) { return this.permissionService.getAllPermissions(query); } else { - const allowedOrganizations = req.user.permissions.getAllOrganizationsWithUserAdmin(); - return this.permissionService.getAllPermissionsInOrganizations( - allowedOrganizations, - query - ); + if (query.organisationId === undefined) { + const allowedOrganizations = req.user.permissions.getAllOrganizationsWithUserAdmin(); + return this.permissionService.getAllPermissionsInOrganizations( + allowedOrganizations, + query + ); + } + return this.permissionService.getAllPermissions(query); } } diff --git a/src/entities/dto/list-all-permissions.dto.ts b/src/entities/dto/list-all-permissions.dto.ts index 4e78edf0..47b77ff9 100644 --- a/src/entities/dto/list-all-permissions.dto.ts +++ b/src/entities/dto/list-all-permissions.dto.ts @@ -6,5 +6,5 @@ export class ListAllPermissionsDto extends ListAllEntitiesDto { organisationId?: number; @ApiProperty({ type: String, required: false }) - userId?: number; + userId?: string; } diff --git a/src/services/user-management/permission.service.ts b/src/services/user-management/permission.service.ts index 45d3af66..6776c8e8 100644 --- a/src/services/user-management/permission.service.ts +++ b/src/services/user-management/permission.service.ts @@ -275,12 +275,13 @@ export class PermissionService { .skip(query?.offset ? +query.offset : 0) .orderBy(orderBy, order); - if (query?.userId) { - qb = qb.where("user.id = :userId", { userId: +query.userId }); - } else if (orgs) { - qb.where({ organization: In(orgs) }); + if (query?.userId !== undefined && query.userId !== "undefined") { + qb = qb.andWhere("user.id = :userId", { userId: +query.userId }); + } + if (orgs) { + qb = qb.andWhere({ organization: In(orgs) }); } else if (query?.organisationId) { - qb = qb.where("org.id = :orgId", { orgId: +query.organisationId }); + qb = qb.andWhere("org.id = :orgId", { orgId: +query.organisationId }); } const [data, count] = await qb.getManyAndCount(); From 651384c2173ac645e754339577306fe348f81e5d Mon Sep 17 00:00:00 2001 From: Frederik Christ Vestergaard Date: Wed, 5 Jul 2023 08:52:56 +0200 Subject: [PATCH 2/3] Added permissions to application fetch --- src/services/device-management/application.service.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/services/device-management/application.service.ts b/src/services/device-management/application.service.ts index 72585893..9823b107 100644 --- a/src/services/device-management/application.service.ts +++ b/src/services/device-management/application.service.ts @@ -171,6 +171,7 @@ export class ApplicationService { "belongsTo", nameof("controlledProperties"), nameof("deviceTypes"), + "permissions", ], loadRelationIds: { relations: ["createdBy", "updatedBy"], From 2417f3ef8f092f818d7f76e6336fc3efcef73277 Mon Sep 17 00:00:00 2001 From: Frederik Christ Vestergaard Date: Wed, 5 Jul 2023 10:35:58 +0200 Subject: [PATCH 3/3] Cleaned up get permissions query --- .../user-management/permission.controller.ts | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/src/controllers/user-management/permission.controller.ts b/src/controllers/user-management/permission.controller.ts index 36f402db..3225dd12 100644 --- a/src/controllers/user-management/permission.controller.ts +++ b/src/controllers/user-management/permission.controller.ts @@ -222,18 +222,14 @@ export class PermissionController { @Req() req: AuthenticatedRequest, @Query() query?: ListAllPermissionsDto ): Promise { - if (req.user.permissions.isGlobalAdmin) { - return this.permissionService.getAllPermissions(query); - } else { - if (query.organisationId === undefined) { - const allowedOrganizations = req.user.permissions.getAllOrganizationsWithUserAdmin(); - return this.permissionService.getAllPermissionsInOrganizations( - allowedOrganizations, - query - ); - } - return this.permissionService.getAllPermissions(query); + if (!req.user.permissions.isGlobalAdmin && query.organisationId === undefined) { + const allowedOrganizations = req.user.permissions.getAllOrganizationsWithUserAdmin(); + return this.permissionService.getAllPermissionsInOrganizations( + allowedOrganizations, + query + ); } + return this.permissionService.getAllPermissions(query); } @Get(":id")