From 656b671962a0a4ecf473d82228b1a08d14685272 Mon Sep 17 00:00:00 2001 From: Kim Date: Thu, 23 Mar 2023 08:27:29 +0100 Subject: [PATCH] split users with direct and inherited access to folders call --- csharp/App/Backend/Controllers/Controller.cs | 33 +++++++++++++++----- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/csharp/App/Backend/Controllers/Controller.cs b/csharp/App/Backend/Controllers/Controller.cs index e25c51e55..198edf861 100644 --- a/csharp/App/Backend/Controllers/Controller.cs +++ b/csharp/App/Backend/Controllers/Controller.cs @@ -110,8 +110,8 @@ public class Controller : ControllerBase .ToList(); } - [HttpGet(nameof(GetUsersWithAccessToFolder))] - public ActionResult> GetUsersWithAccessToFolder(Int64 id, Token authToken) + [HttpGet(nameof(GetUsersWithDirectAccessToFolder))] + public ActionResult> GetUsersWithDirectAccessToFolder(Int64 id, Token authToken) { var user = Db.GetSession(authToken)?.User; if (user == null) @@ -123,12 +123,29 @@ public class Controller : ControllerBase return Unauthorized(); return folder - .Ancestors() - .Prepend(folder) - .SelectMany(f => f.UsersWithDirectAccess() - .Where(u => u.IsDescendantOf(user)) - .Select(u => new { folderId = f.Id, user = u })) - .ToList(); + .UsersWithDirectAccess() + .Where(u => u.IsDescendantOf(user)) + .ToList(); + } + + [HttpGet(nameof(GetUsersWithInheritedAccessToFolder))] + public ActionResult> GetUsersWithInheritedAccessToFolder(Int64 id, Token authToken) + { + var user = Db.GetSession(authToken)?.User; + if (user == null) + return Unauthorized(); + + var folder = Db.GetFolderById(id); + + if (folder is null || !user.HasAccessTo(folder)) + return Unauthorized(); + + return folder + .Ancestors() + .SelectMany(f => f.UsersWithDirectAccess() + .Where(u => u.IsDescendantOf(user)) + .Select(u => new { folderId = f.Id, user = u })) + .ToList(); } [HttpGet(nameof(GetFolderById))]