mirror of
https://github.com/juspay/hyperswitch.git
synced 2025-11-03 05:17:02 +08:00
fix(user_roles): Send only same and below Entity Level Users in List Users API (#6147)
This commit is contained in:
Mani Chandra
@ -736,6 +736,16 @@ pub async fn list_users_in_lineage(
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// This filtering is needed because for org level users in V1, merchant_id is present.
|
||||||
|
// Due to this, we get org level users in merchant level users list.
|
||||||
|
let user_roles_set = user_roles_set
|
||||||
|
.into_iter()
|
||||||
|
.filter_map(|user_role| {
|
||||||
|
let (_entity_id, entity_type) = user_role.get_entity_id_and_type()?;
|
||||||
|
(entity_type <= requestor_role_info.get_entity_type()).then_some(user_role)
|
||||||
|
})
|
||||||
|
.collect::<HashSet<_>>();
|
||||||
|
|
||||||
let mut email_map = state
|
let mut email_map = state
|
||||||
.global_store
|
.global_store
|
||||||
.find_users_by_user_ids(
|
.find_users_by_user_ids(
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
use std::collections::HashSet;
|
use std::{cmp, collections::HashSet};
|
||||||
|
|
||||||
use api_models::user_role as user_role_api;
|
use api_models::user_role as user_role_api;
|
||||||
use common_enums::{EntityType, PermissionGroup};
|
use common_enums::{EntityType, PermissionGroup};
|
||||||
@ -418,28 +418,16 @@ pub fn get_min_entity(
|
|||||||
user_entity: EntityType,
|
user_entity: EntityType,
|
||||||
filter_entity: Option<EntityType>,
|
filter_entity: Option<EntityType>,
|
||||||
) -> UserResult<EntityType> {
|
) -> UserResult<EntityType> {
|
||||||
match (user_entity, filter_entity) {
|
let Some(filter_entity) = filter_entity else {
|
||||||
(EntityType::Organization, None)
|
return Ok(user_entity);
|
||||||
| (EntityType::Organization, Some(EntityType::Organization)) => {
|
};
|
||||||
Ok(EntityType::Organization)
|
|
||||||
}
|
|
||||||
|
|
||||||
(EntityType::Merchant, None)
|
if user_entity < filter_entity {
|
||||||
| (EntityType::Organization, Some(EntityType::Merchant))
|
return Err(report!(UserErrors::InvalidRoleOperation)).attach_printable(format!(
|
||||||
| (EntityType::Merchant, Some(EntityType::Merchant)) => Ok(EntityType::Merchant),
|
"{} level user requesting data for {:?} level",
|
||||||
|
user_entity, filter_entity
|
||||||
(EntityType::Profile, None)
|
));
|
||||||
| (EntityType::Organization, Some(EntityType::Profile))
|
|
||||||
| (EntityType::Merchant, Some(EntityType::Profile))
|
|
||||||
| (EntityType::Profile, Some(EntityType::Profile)) => Ok(EntityType::Profile),
|
|
||||||
|
|
||||||
(EntityType::Merchant, Some(EntityType::Organization))
|
|
||||||
| (EntityType::Profile, Some(EntityType::Organization))
|
|
||||||
| (EntityType::Profile, Some(EntityType::Merchant)) => {
|
|
||||||
Err(report!(UserErrors::InvalidRoleOperation)).attach_printable(format!(
|
|
||||||
"{} level user requesting data for {:?} level",
|
|
||||||
user_entity, filter_entity
|
|
||||||
))
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Ok(cmp::min(user_entity, filter_entity))
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user