From 843225461e45c350cb26a17f6ce62b1bfbf84d08 Mon Sep 17 00:00:00 2001 From: martintrajanovski Date: Fri, 13 Dec 2024 16:08:17 +0100 Subject: [PATCH] fix v3 dataset controller access filters --- src/datasets/datasets.controller.ts | 34 +++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/src/datasets/datasets.controller.ts b/src/datasets/datasets.controller.ts index ffee9790d..50a50586d 100644 --- a/src/datasets/datasets.controller.ts +++ b/src/datasets/datasets.controller.ts @@ -203,16 +203,32 @@ export class DatasetsController { if (!canViewAny) { if (canViewAccess) { - // FIXME: This here doesn't work if we want to pass $or in the original query itself. This is overwriting it! Double-check it! - // Here is an example: { "where": { "$or": [{"datasetName": "test"}, {"description": "Dataset"}] }} gets overwritten with: {"where":{"$or":[{"ownerGroup":{"$in":["group1","ess","swap"]}},{"accessGroups":{"$in":["group1","ess","swap"]}},{"sharedWith":{"$in":"user1@your.site"}},{"isPublished":true}]}} - mergedFilters.where["$or"] = [ - { ownerGroup: { $in: user.currentGroups } }, - { accessGroups: { $in: user.currentGroups } }, - { sharedWith: { $in: user.email } }, - { isPublished: true }, - ]; + if (mergedFilters.where["$and"]) { + mergedFilters.where["$and"].push({ + $or: [ + { ownerGroup: { $in: user.currentGroups } }, + { accessGroups: { $in: user.currentGroups } }, + { sharedWith: { $in: [user.email] } }, + { isPublished: true }, + ], + }); + } else { + mergedFilters.where["$and"] = [ + { + $or: [ + { ownerGroup: { $in: user.currentGroups } }, + { accessGroups: { $in: user.currentGroups } }, + { sharedWith: { $in: [user.email] } }, + { isPublished: true }, + ], + }, + ]; + } } else if (canViewOwner) { - mergedFilters.where = [{ ownerGroup: { $in: user.currentGroups } }]; + mergedFilters.where = { + ...mergedFilters.where, + ownerGroup: { $in: user.currentGroups }, + }; } else if (canViewPublic) { mergedFilters.where = { isPublished: true }; }