mirror of
https://github.com/makeplane/plane.git
synced 2026-07-14 14:31:37 +02:00
[MOBIL-1039] dev: add teamspace validation in work item info query (#3602)
* dev: handled the teamspace permissions * dev: updated the await in teamspace filter * dev: handled the project details in workitem info query
This commit is contained in:
@@ -9,6 +9,7 @@ from strawberry.types import Info
|
||||
|
||||
# Module Imports
|
||||
from plane.db.models import Issue, Project, ProjectMember
|
||||
from plane.graphql.helpers.teamspace import project_member_filter_via_teamspaces_async
|
||||
from plane.graphql.permissions.workspace import WorkspacePermission
|
||||
from plane.graphql.types.issues.meta import IssueShortenedMetaInfo
|
||||
from plane.graphql.utils.roles import Roles
|
||||
@@ -72,6 +73,9 @@ class IssueShortenedMetaInfoQuery:
|
||||
async def issue_shortened_meta_info(
|
||||
self, info: Info, slug: str, work_item_identifier: str
|
||||
) -> IssueShortenedMetaInfo:
|
||||
user = info.context.user
|
||||
user_id = str(user.id)
|
||||
|
||||
workspace_slug = slug
|
||||
project_identifier = None
|
||||
issue_sequence = None
|
||||
@@ -87,15 +91,25 @@ class IssueShortenedMetaInfoQuery:
|
||||
error_extensions = {"code": "ISSUE_NOT_FOUND", "statusCode": 404}
|
||||
raise GraphQLError(message, extensions=error_extensions)
|
||||
|
||||
project_id = await get_project_id(workspace_slug, project_identifier)
|
||||
|
||||
is_project_member = await project_member_exists(
|
||||
workspace_slug, project_identifier, info.context.user
|
||||
)
|
||||
if not is_project_member:
|
||||
message = "User does not have permission to access this project."
|
||||
error_extensions = {"code": "UNAUTHORIZED", "statusCode": 403}
|
||||
raise GraphQLError(message, extensions=error_extensions)
|
||||
|
||||
project_id = await get_project_id(workspace_slug, project_identifier)
|
||||
# validate teamspace membership
|
||||
project_teamspace_filter = await project_member_filter_via_teamspaces_async(
|
||||
user_id=user_id,
|
||||
workspace_slug=workspace_slug,
|
||||
)
|
||||
teamspace_project_ids = project_teamspace_filter.teamspace_project_ids
|
||||
if (
|
||||
not teamspace_project_ids
|
||||
or str(project_id) not in teamspace_project_ids
|
||||
):
|
||||
message = "User does not have permission to access this project."
|
||||
error_extensions = {"code": "UNAUTHORIZED", "statusCode": 403}
|
||||
raise GraphQLError(message, extensions=error_extensions)
|
||||
|
||||
issue_id, is_epic = await get_issue_id(
|
||||
workspace_slug, project_id, issue_sequence
|
||||
|
||||
Reference in New Issue
Block a user