diff --git a/apps/sim/lib/workspaces/permissions/utils.test.ts b/apps/sim/lib/workspaces/permissions/utils.test.ts index 503be8036aa..f54ce9d1044 100644 --- a/apps/sim/lib/workspaces/permissions/utils.test.ts +++ b/apps/sim/lib/workspaces/permissions/utils.test.ts @@ -772,6 +772,7 @@ describe('Permission Utils', () => { canWrite: false, canAdmin: false, workspace: null, + permission: null, }) }) @@ -793,6 +794,7 @@ describe('Permission Utils', () => { canWrite: true, canAdmin: true, workspace: { id: 'workspace123', ownerId: 'user123' }, + permission: 'admin', }) }) diff --git a/apps/sim/lib/workspaces/permissions/utils.ts b/apps/sim/lib/workspaces/permissions/utils.ts index b815a69be86..3ec92b4c131 100644 --- a/apps/sim/lib/workspaces/permissions/utils.ts +++ b/apps/sim/lib/workspaces/permissions/utils.ts @@ -33,6 +33,8 @@ export interface WorkspaceAccess { canWrite: boolean canAdmin: boolean workspace: WorkspaceWithOwner | null + /** The viewer's raw effective permission, or `null` when the workspace doesn't exist or they have none. */ + permission: PermissionType | null } /** @@ -143,7 +145,14 @@ export async function checkWorkspaceAccess( const ws = await getWorkspaceWithOwner(workspaceId) if (!ws) { - return { exists: false, hasAccess: false, canWrite: false, canAdmin: false, workspace: null } + return { + exists: false, + hasAccess: false, + canWrite: false, + canAdmin: false, + workspace: null, + permission: null, + } } const permission = await getEffectiveWorkspacePermission(userId, ws) @@ -151,7 +160,7 @@ export async function checkWorkspaceAccess( const canWrite = permissionSatisfies(permission, 'write') const canAdmin = permissionSatisfies(permission, 'admin') - return { exists: true, hasAccess, canWrite, canAdmin, workspace: ws } + return { exists: true, hasAccess, canWrite, canAdmin, workspace: ws, permission } } /** @@ -200,11 +209,7 @@ export async function getUserEntityPermissions( entityId: string ): Promise { if (entityType === 'workspace') { - const ws = await getWorkspaceWithOwner(entityId) - if (!ws) { - return null - } - return getEffectiveWorkspacePermission(userId, ws) + return (await checkWorkspaceAccess(entityId, userId)).permission } const result = await db @@ -387,13 +392,7 @@ export async function hasWorkspaceAdminAccess( userId: string, workspaceId: string ): Promise { - const ws = await getWorkspaceWithOwner(workspaceId) - - if (!ws) { - return false - } - - return (await getEffectiveWorkspacePermission(userId, ws)) === 'admin' + return (await checkWorkspaceAccess(workspaceId, userId)).canAdmin } /**