From 053d714655f951103b2dcec957cf3680a3b909ee Mon Sep 17 00:00:00 2001 From: Dmitry S Date: Wed, 5 Aug 2020 00:25:56 -0400 Subject: [PATCH] (core) For getting access info, include the first-level doc and workspace users. Summary: When listing access on a doc or workspaces, include all users associated with the resource or its parents. Previously we only considered org-level users. This is normally sufficient since doc and workspace users are automatically added as guests of the org. But there are exceptions for special users (like everyone@), and generally, in case of any divergence, it's important to list everyone who affects access decisions. Test Plan: Added a test that everyone@ user gets included in listings Reviewers: paulfitz Reviewed By: paulfitz Subscribers: paulfitz Differential Revision: https://phab.getgrist.com/D2533 --- app/gen-server/lib/HomeDBManager.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/gen-server/lib/HomeDBManager.ts b/app/gen-server/lib/HomeDBManager.ts index 7fa4e185..d1941521 100644 --- a/app/gen-server/lib/HomeDBManager.ts +++ b/app/gen-server/lib/HomeDBManager.ts @@ -1924,7 +1924,7 @@ export class HomeDBManager extends EventEmitter { // The orgMap gives the org access inherited by each user. const orgMap = getMemberUserRoles(workspace.org, this.defaultBasicGroupNames); // Iterate through the org since all users will be in the org. - const users: UserAccessData[] = getResourceUsers(workspace.org).map(u => { + const users: UserAccessData[] = getResourceUsers([workspace, workspace.org]).map(u => { return { id: u.id, name: u.name, @@ -1959,7 +1959,7 @@ export class HomeDBManager extends EventEmitter { const orgMap = getMemberUserRoles(doc.workspace.org, this.defaultBasicGroupNames); const wsMaxInheritedRole = this._getMaxInheritedRole(doc.workspace); // Iterate through the org since all users will be in the org. - const users: UserAccessData[] = getResourceUsers(doc.workspace.org).map(u => { + const users: UserAccessData[] = getResourceUsers([doc, doc.workspace, doc.workspace.org]).map(u => { // Merge the strongest roles from the resource and parent resources. Note that the parent // resource access levels must be tempered by the maxInheritedRole values of their children. const inheritFromOrg = roles.getWeakestRole(orgMap[u.id] || null, wsMaxInheritedRole);