mirror of https://github.com/buster-so/buster.git
115 lines
3.6 KiB
Rust
115 lines
3.6 KiB
Rust
use anyhow::{anyhow, Result};
|
|
use database::{
|
|
enums::{AssetPermissionRole, AssetType, IdentityType},
|
|
helpers::collections::fetch_collection,
|
|
};
|
|
use sharing::{
|
|
check_asset_permission::has_permission, remove_asset_permissions::remove_share_by_email,
|
|
};
|
|
use tracing::info;
|
|
use uuid::Uuid;
|
|
|
|
/// Handler to delete sharing permissions for a collection
|
|
///
|
|
/// # Arguments
|
|
/// * `collection_id` - The UUID of the collection to delete sharing permissions for
|
|
/// * `user_id` - The UUID of the user making the request
|
|
/// * `emails` - List of email addresses to remove sharing permissions for
|
|
///
|
|
/// # Returns
|
|
/// * `Result<()>` - Success or error
|
|
pub async fn delete_collection_sharing_handler(
|
|
collection_id: &Uuid,
|
|
user_id: &Uuid,
|
|
emails: Vec<String>,
|
|
) -> Result<()> {
|
|
info!(
|
|
collection_id = %collection_id,
|
|
user_id = %user_id,
|
|
"Deleting sharing permissions for collection"
|
|
);
|
|
|
|
// 1. Validate the collection exists
|
|
if fetch_collection(collection_id).await?.is_none() {
|
|
return Err(anyhow!("Collection not found"));
|
|
};
|
|
|
|
// 2. Check if user has permission to delete sharing for the collection (Owner or FullAccess)
|
|
let has_permission_result = has_permission(
|
|
*collection_id,
|
|
AssetType::Collection,
|
|
*user_id,
|
|
IdentityType::User,
|
|
AssetPermissionRole::FullAccess, // Owner role implicitly has FullAccess permissions
|
|
)
|
|
.await?;
|
|
|
|
if !has_permission_result {
|
|
return Err(anyhow!(
|
|
"User does not have permission to delete sharing for this collection"
|
|
));
|
|
}
|
|
|
|
// 3. Process each email and delete sharing permissions
|
|
for email in emails {
|
|
// The remove_share_by_email function handles soft deletion of permissions
|
|
match remove_share_by_email(&email, *collection_id, AssetType::Collection, *user_id).await {
|
|
Ok(_) => {
|
|
info!(
|
|
"Deleted sharing permission for email: {} on collection: {}",
|
|
email, collection_id
|
|
);
|
|
}
|
|
Err(e) => {
|
|
// If the error is because the permission doesn't exist, we can ignore it
|
|
if e.to_string().contains("No active permission found") {
|
|
tracing::warn!("No active permission found for email {}: {}", email, e);
|
|
continue;
|
|
}
|
|
|
|
tracing::error!("Failed to delete sharing for email {}: {}", email, e);
|
|
return Err(anyhow!(
|
|
"Failed to delete sharing for email {}: {}",
|
|
email,
|
|
e
|
|
));
|
|
}
|
|
}
|
|
}
|
|
|
|
Ok(())
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
|
|
#[tokio::test]
|
|
async fn test_delete_collection_sharing_collection_not_found() {
|
|
// Test case: Collection not found
|
|
// Expected: Error with "Collection not found" message
|
|
|
|
// Since we can't easily mock the function in an integration test
|
|
// This is just a placeholder for the real test
|
|
// A proper test would use a test database or more sophisticated mocking
|
|
assert!(true);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_delete_collection_sharing_no_permission() {
|
|
// This would test the case where a user doesn't have permission to delete sharing
|
|
assert!(true);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_delete_collection_sharing_success() {
|
|
// This would test the successful case
|
|
assert!(true);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_delete_collection_sharing_invalid_email() {
|
|
// This would test the case with an invalid email
|
|
assert!(true);
|
|
}
|
|
}
|