improve access to collections via groups (#4441)

* refactor get_org_collections_details * improve access to collection check * fix get_org_collection_detail too
2025-08-01 08:39:09 +00:00 · 2024-04-27 22:09:00 +02:00 · 2024-04-27 22:09:00 +02:00 · 9dcc738f85
commit 9dcc738f85
parent 84a7c7da5d
3 changed files with 23 additions and 41 deletions
--- a/src/auth.rs
+++ b/src/auth.rs
@ -689,7 +689,7 @@ impl<'r> FromRequest<'r> for ManagerHeaders {
                        _ => err_handler!("Error getting DB"),
                    };

-                    if !can_access_collection(&headers.org_user, &col_id, &mut conn).await {
+                    if !Collection::can_access_collection(&headers.org_user, &col_id, &mut conn).await {
                        err_handler!("The current user isn't a manager for this collection")
                    }
                }
@ -762,10 +762,6 @@ impl From<ManagerHeadersLoose> for Headers {
        }
    }
 }
-async fn can_access_collection(org_user: &UserOrganization, col_id: &str, conn: &mut DbConn) -> bool {
-    org_user.has_full_access()
-        || Collection::has_access_by_collection_and_user_uuid(col_id, &org_user.user_uuid, conn).await
-}

 impl ManagerHeaders {
    pub async fn from_loose(
@ -777,7 +773,7 @@ impl ManagerHeaders {
            if uuid::Uuid::parse_str(col_id).is_err() {
                err!("Collection Id is malformed!");
            }
-            if !can_access_collection(&h.org_user, col_id, conn).await {
+            if !Collection::can_access_collection(&h.org_user, col_id, conn).await {
                err!("You don't have access to all collections!");
            }
        }