agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-06-08 00:29:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

[web] change the order when creating a memebers list in permissions checks (#28063)

Browse Source 
GitOrigin-RevId: 73fd9218841d189dc95edec86f09d451005e6189
This commit is contained in:
Domagoj Kriskovic
2025-08-25 14:04:55 +02:00
committed by Copybot
parent 74533fc401
commit 8c3fe3bd31
2 changed files with 94 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/web/app/src/Features/Collaborators/CollaboratorsGetter.js
+8 -7
View File
@@ -498,6 +498,14 @@ function _getMemberIdsWithPrivilegeLevelsFromFields(
})
}
for (const memberId of reviewerIds || []) {
members.push({
id: memberId.toString(),
privilegeLevel: PrivilegeLevels.REVIEW,
source: Sources.INVITE,
})
}
for (const memberId of readOnlyIds || []) {
const record = {
id: memberId.toString(),
@@ -530,13 +538,6 @@ function _getMemberIdsWithPrivilegeLevelsFromFields(
}
}
for (const memberId of reviewerIds || []) {
members.push({
id: memberId.toString(),
privilegeLevel: PrivilegeLevels.REVIEW,
source: Sources.INVITE,
})
}
return members
}
services/web/test/unit/src/Collaborators/CollaboratorsGetterTests.js
+86
View File
@@ -231,6 +231,26 @@ describe('CollaboratorsGetter', function () {
)
expect(level).to.equal(false)
})
it('should return review privilege level when user is both reviewer and token member', async function () {
const userWhoIsBothReviewerAndToken = new ObjectId()
const projectWithDuplicateUser = {
...this.project,
reviewer_refs: [userWhoIsBothReviewerAndToken],
tokenAccessReadAndWrite_refs: [userWhoIsBothReviewerAndToken],
}
this.ProjectGetter.promises.getProject.resolves(projectWithDuplicateUser)
const level =
await this.CollaboratorsGetter.promises.getMemberIdPrivilegeLevel(
userWhoIsBothReviewerAndToken,
this.project._id
)
expect(level).to.equal('review')
})
})
describe('isUserInvitedMemberOfProject', function () {
@@ -533,4 +553,70 @@ describe('CollaboratorsGetter', function () {
expect(count).to.equal(2)
})
})
describe('ProjectAccess', function () {
describe('privilegeLevelForUser', function () {
it('should return reviewer privilege when user is both reviewer and token member', function () {
const userWhoIsBothReviewerAndToken = new ObjectId()
const projectWithDuplicateUser = {
owner_ref: this.ownerRef,
collaberator_refs: [],
readOnly_refs: [],
tokenAccessReadAndWrite_refs: [userWhoIsBothReviewerAndToken],
tokenAccessReadOnly_refs: [],
publicAccesLevel: 'tokenBased',
pendingEditor_refs: [],
reviewer_refs: [userWhoIsBothReviewerAndToken],
pendingReviewer_refs: [],
}
const projectAccess = new this.CollaboratorsGetter.ProjectAccess(
projectWithDuplicateUser
)
const privilegeLevel = projectAccess.privilegeLevelForUser(
userWhoIsBothReviewerAndToken
)
expect(privilegeLevel).to.equal('review')
})
it('should return readOnly privilege when user is both readOnly and token readAndWrite member', function () {
const userWhoIsBothReadOnlyAndTokenRW = new ObjectId()
const projectWithDuplicateUser = {
owner_ref: this.ownerRef,
collaberator_refs: [],
readOnly_refs: [userWhoIsBothReadOnlyAndTokenRW],
tokenAccessReadAndWrite_refs: [userWhoIsBothReadOnlyAndTokenRW],
tokenAccessReadOnly_refs: [],
publicAccesLevel: 'tokenBased',
pendingEditor_refs: [],
reviewer_refs: [],
pendingReviewer_refs: [],
}
const projectAccess = new this.CollaboratorsGetter.ProjectAccess(
projectWithDuplicateUser
)
const privilegeLevel = projectAccess.privilegeLevelForUser(
userWhoIsBothReadOnlyAndTokenRW
)
// Should return 'readOnly' from invite, not 'readAndWrite' from token access
expect(privilegeLevel).to.equal('readOnly')
})
it('should return none for non-members', function () {
const projectAccess = new this.CollaboratorsGetter.ProjectAccess(
this.project
)
const privilegeLevel = projectAccess.privilegeLevelForUser(
this.nonMemberRef
)
expect(privilegeLevel).to.equal(false)
})
})
})
})