refactor(users): remove lineage checks in roles get operations (#6701)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
2025-11-04 05:59:48 +08:00 · 2024-12-10 16:49:17 +05:30
parent c620779bbd
commit f96a87d08c
15 changed files with 194 additions and 155 deletions
--- a/crates/router/src/analytics.rs
+++ b/crates/router/src/analytics.rs
@ -1847,15 +1847,10 @@ pub mod routes {
            json_payload.into_inner(),
            |state, auth: UserFromToken, req, _| async move {
                let role_id = auth.role_id;
-                let role_info = RoleInfo::from_role_id_in_merchant_scope(
-                    &state,
-                    &role_id,
-                    &auth.merchant_id,
-                    &auth.org_id,
-                )
-                .await
-                .change_context(UserErrors::InternalServerError)
-                .change_context(OpenSearchError::UnknownError)?;
+                let role_info = RoleInfo::from_role_id_and_org_id(&state, &role_id, &auth.org_id)
+                    .await
+                    .change_context(UserErrors::InternalServerError)
+                    .change_context(OpenSearchError::UnknownError)?;
                let permission_groups = role_info.get_permission_groups();
                if !permission_groups.contains(&common_enums::PermissionGroup::OperationsView) {
                    return Err(OpenSearchError::AccessForbiddenError)?;
@ -1887,7 +1882,7 @@ pub mod routes {
                        let role_id = user_role.role_id.clone();
                        let org_id = user_role.org_id.clone().unwrap_or_default();
                        async move {
-                            RoleInfo::from_role_id_in_org_scope(&state, &role_id, &org_id)
+                            RoleInfo::from_role_id_and_org_id(&state, &role_id, &org_id)
                                .await
                                .change_context(UserErrors::InternalServerError)
                                .change_context(OpenSearchError::UnknownError)
@ -1974,15 +1969,10 @@ pub mod routes {
            indexed_req,
            |state, auth: UserFromToken, req, _| async move {
                let role_id = auth.role_id;
-                let role_info = RoleInfo::from_role_id_in_merchant_scope(
-                    &state,
-                    &role_id,
-                    &auth.merchant_id,
-                    &auth.org_id,
-                )
-                .await
-                .change_context(UserErrors::InternalServerError)
-                .change_context(OpenSearchError::UnknownError)?;
+                let role_info = RoleInfo::from_role_id_and_org_id(&state, &role_id, &auth.org_id)
+                    .await
+                    .change_context(UserErrors::InternalServerError)
+                    .change_context(OpenSearchError::UnknownError)?;
                let permission_groups = role_info.get_permission_groups();
                if !permission_groups.contains(&common_enums::PermissionGroup::OperationsView) {
                    return Err(OpenSearchError::AccessForbiddenError)?;
@ -2013,7 +2003,7 @@ pub mod routes {
                        let role_id = user_role.role_id.clone();
                        let org_id = user_role.org_id.clone().unwrap_or_default();
                        async move {
-                            RoleInfo::from_role_id_in_org_scope(&state, &role_id, &org_id)
+                            RoleInfo::from_role_id_and_org_id(&state, &role_id, &org_id)
                                .await
                                .change_context(UserErrors::InternalServerError)
                                .change_context(OpenSearchError::UnknownError)