Conversation
…s-for-current-user # Conflicts: # tests/Umbraco.Tests.Common/Builders/UserGroupBuilder.cs
Zeegaan
deleted the
v15/feature/aggregate-document-permissions-for-current-user
branch
nielslyngsoe
pushed a commit
that referenced
this pull request
Apr 9, 2025
* Create integration test verifying existing behaviour. * Aggregate permissions per document for the current user response. * Refactoring following Codescene warnings.
1 task
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Prerequisites
Goes toward fixing #18517
Description
Users belong to one or more user groups, user groups have various default permissions, and these can be overridden on a per group, per document basis, with the net result inheriting to descendants. There's some fairly involved server side logic to figure out the result when checking for access for a given user and document.
With 13, both the decision of what UI elements to expose and server-side authorization used the same logic, server-side. With 14+ we have a split, with the latter remaining on the server but the presentation of features to users being decided on the client.
Currently the API response for the current user exposes all the raw information: the groups the user is in, the net of the default permissions from the user groups, and the individual document granular permissions. So in theory the client could do the same aggregation as is done on the server. That's not ideal though - means duplicating the logic and it's not currently aligned, hence the reported issue.
So this PR amends the output of the granular permissions per document to expose not the raw information, but the aggregated details - leading to one record per document with the net permissions obtained using the existing server-side logic.
This means that the client can use this directly, and likely needs to just amend the existing implementation such that it looks for document granular permissions not just on the current document, but also on the closest ancestor.
To Test:
umbraco/management/api/v1/user/currentto verify the expected aggregated results under thepermissionselement.Things to consider:
permissionselement here. We could consider keeping this as is, and providing a new element for theaggregatedPermissions.