From 630a85cc0403e5030a526739da062ff0f2b268ff Mon Sep 17 00:00:00 2001
From: Timshel <timshel@users.noreply.github.com>
Date: Wed, 16 Apr 2025 17:32:40 +0200
Subject: [PATCH] Use MembershipType ordering for access_all check

---
 src/api/core/organizations.rs | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
index 75dbd601..3448cead 100644
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -1028,8 +1028,7 @@ async fn send_invite(
     // HACK: This converts the Custom role which has the `Manage all collections` box checked into an access_all flag
     // Since the parent checkbox is not sent to the server we need to check and verify the child checkboxes
     // If the box is not checked, the user will still be a manager, but not with the access_all permission
-    let access_all = new_type == MembershipType::Owner
-        || new_type == MembershipType::Admin
+    let access_all = new_type >= MembershipType::Admin
         || (raw_type.eq("4")
             && data.permissions.get("editAnyCollection") == Some(&json!(true))
             && data.permissions.get("deleteAnyCollection") == Some(&json!(true))
@@ -1559,8 +1558,7 @@ async fn edit_member(
     // HACK: This converts the Custom role which has the `Manage all collections` box checked into an access_all flag
     // Since the parent checkbox is not sent to the server we need to check and verify the child checkboxes
     // If the box is not checked, the user will still be a manager, but not with the access_all permission
-    let access_all = new_type == MembershipType::Owner
-        || new_type == MembershipType::Admin
+    let access_all = new_type >= MembershipType::Admin
         || (raw_type.eq("4")
             && data.permissions.get("editAnyCollection") == Some(&json!(true))
             && data.permissions.get("deleteAnyCollection") == Some(&json!(true))