[SM-572] Modify project endpoint to return current user's permission (#2752)

* Add endpoints to check current user's permission * Swap to adding current user permission onto GET * Cleanup DI * Add ProjectPermissionDetails DTO and query * code review updates * Remove assert recent for longer running creates
2026-02-04 16:13:12 +08:00 · 2023-03-02 09:02:42 -06:00
parent 26c30f8854
commit 05f5d79938
9 changed files with 94 additions and 23 deletions
--- a/src/Api/SecretsManager/Controllers/ProjectsController.cs
+++ b/src/Api/SecretsManager/Controllers/ProjectsController.cs
@@ -80,9 +80,10 @@ public class ProjectsController : Controller
    }

    [HttpGet("projects/{id}")]
-    public async Task<ProjectResponseModel> GetAsync([FromRoute] Guid id)
+    public async Task<ProjectPermissionDetailsResponseModel> GetAsync([FromRoute] Guid id)
    {
-        var project = await _projectRepository.GetByIdAsync(id);
+        var userId = _userService.GetProperUserId(User).Value;
+        var project = await _projectRepository.GetPermissionDetailsByIdAsync(id, userId);
        if (project == null)
        {
            throw new NotFoundException();
@@ -93,23 +94,34 @@ public class ProjectsController : Controller
            throw new NotFoundException();
        }

-        var userId = _userService.GetProperUserId(User).Value;
        var orgAdmin = await _currentContext.OrganizationAdmin(project.OrganizationId);
        var accessClient = AccessClientHelper.ToAccessClient(_currentContext.ClientType, orgAdmin);

-        var hasAccess = accessClient switch
+        bool hasAccess;
+        var read = project.Read;
+        var write = project.Write;
+
+        switch (accessClient)
        {
-            AccessClientType.NoAccessCheck => true,
-            AccessClientType.User => await _projectRepository.UserHasReadAccessToProject(id, userId),
-            _ => false,
-        };
+            case AccessClientType.NoAccessCheck:
+                hasAccess = true;
+                write = true;
+                read = true;
+                break;
+            case AccessClientType.User:
+                hasAccess = project.Read;
+                break;
+            default:
+                hasAccess = false;
+                break;
+        }

        if (!hasAccess)
        {
            throw new NotFoundException();
        }

-        return new ProjectResponseModel(project);
+        return new ProjectPermissionDetailsResponseModel(project, read, write);
    }

    [HttpPost("projects/delete")]