From ee2cd0df465f674522a813b63401bf110fce5032 Mon Sep 17 00:00:00 2001
From: Daniele Andrei <daniele.andrei@geo-satis.com>
Date: Tue, 10 Jan 2023 14:49:52 +0100
Subject: [PATCH] fixed groups permissions

---
 src/db/models/collection.rs | 48 +++++++++++++++++++++++++++++++++----
 1 file changed, 44 insertions(+), 4 deletions(-)

diff --git a/src/db/models/collection.rs b/src/db/models/collection.rs
index c4507e10..5065905e 100644
--- a/src/db/models/collection.rs
+++ b/src/db/models/collection.rs
@@ -267,7 +267,7 @@ impl Collection {
                     return true;
                 }
 
-                db_run! { conn: {
+                let direct: bool = db_run! { conn: {
                     users_collections::table
                         .filter(users_collections::collection_uuid.eq(&self.uuid))
                         .filter(users_collections::user_uuid.eq(user_uuid))
@@ -276,7 +276,27 @@ impl Collection {
                         .first::<i64>(conn)
                         .ok()
                         .unwrap_or(0) != 0
-                }}
+                }};
+
+                let indirect: bool = db_run! { conn: {
+                    collections_groups::table
+                        .filter(collections_groups::collections_uuid.eq(&self.uuid))
+                        .filter(collections_groups::read_only.eq(false))
+                        .filter(collections_groups::groups_uuid.eq_any(
+                            groups_users::table
+                            .inner_join(users_organizations::table.on(
+                                users_organizations::uuid.eq(groups_users::users_organizations_uuid)
+                            ))
+                            .filter(users_organizations::user_uuid.eq(user_uuid))
+                            .select(groups_users::groups_uuid)
+                        ))
+                        .count()
+                        .first::<i64>(conn)
+                        .ok()
+                        .unwrap_or(0) != 0
+                }};
+
+                direct || indirect
             }
         }
     }
@@ -289,7 +309,7 @@ impl Collection {
                     return false;
                 }
 
-                db_run! { conn: {
+                let direct: bool = db_run! { conn: {
                     users_collections::table
                         .filter(users_collections::collection_uuid.eq(&self.uuid))
                         .filter(users_collections::user_uuid.eq(user_uuid))
@@ -298,7 +318,27 @@ impl Collection {
                         .first::<i64>(conn)
                         .ok()
                         .unwrap_or(0) != 0
-                }}
+                }};
+
+                let indirect: bool = db_run! { conn: {
+                    collections_groups::table
+                        .filter(collections_groups::collections_uuid.eq(&self.uuid))
+                        .filter(collections_groups::hide_passwords.eq(true))
+                        .filter(collections_groups::groups_uuid.eq_any(
+                            groups_users::table
+                            .inner_join(users_organizations::table.on(
+                                users_organizations::uuid.eq(groups_users::users_organizations_uuid)
+                            ))
+                            .filter(users_organizations::user_uuid.eq(user_uuid))
+                            .select(groups_users::groups_uuid)
+                        ))
+                        .count()
+                        .first::<i64>(conn)
+                        .ok()
+                        .unwrap_or(0) != 0
+                }};
+
+                direct || indirect
             }
         }
     }