OS2iot · AramAlsabti · May 25, 2022 · May 25, 2022 · May 25, 2022 · May 25, 2022
diff --git a/src/config/constants/translations.ts b/src/config/constants/translations.ts
@@ -0,0 +1,6 @@
+// OS2iot won't be translated in any other language than Danish in the foreseeable future
+export enum Translations {
+    OrganizationAdmin = "Organisationsadministrator",
+    ApplicationAdmin = "Applikationsadministrator",
+    ReadLevel = "Læserettigheder",
+}
diff --git a/src/controllers/admin-controller/application.controller.ts b/src/controllers/admin-controller/application.controller.ts
@@ -108,15 +108,14 @@ export class ApplicationController {
         req: AuthenticatedRequest,
         query: ListAllApplicationsDto
     ) {
-        // If org admin give all
-        const allFromOrg = req.user.permissions.getAllOrganizationsWithApplicationAdmin();
-        if (this.isOrganizationAdmin(allFromOrg, query)) {
+        // User admins have access to all applications in the organization
+        const allFromOrg = req.user.permissions.getAllOrganizationsWithUserAdmin();
+        if (allFromOrg.some(x => x === query?.organizationId)) {
             return await this.applicationService.findAndCountWithPagination(query, [
                 query.organizationId,
             ]);
         }
 
-        // If not org admin only allowed ones
         const allowedApplications = req.user.permissions.getAllApplicationsWithAtLeastRead();
         return await this.applicationService.findAndCountInList(
             query,
@@ -125,10 +124,6 @@ export class ApplicationController {
         );
     }
 
-    private isOrganizationAdmin(allFromOrg: number[], query: ListAllApplicationsDto) {
-        return allFromOrg.some(x => x === query?.organizationId);
-    }
-
     @Read()
     @Get(":id")
     @ApiOperation({ summary: "Find one Application by id" })

diff --git a/src/controllers/user-management/auth.controller.ts b/src/controllers/user-management/auth.controller.ts
@@ -32,7 +32,6 @@ import { JwtPayloadDto } from "@dto/internal/jwt-payload.dto";
 import { LoginDto } from "@dto/login.dto";
 import { Organization } from "@entities/organization.entity";
 import { User } from "@entities/user.entity";
-import { PermissionType } from "@enum/permission-type.enum";
 import { AuthService } from "@services/user-management/auth.service";
 import { OrganizationService } from "@services/user-management/organization.service";
 import { UserService } from "@services/user-management/user.service";

diff --git a/src/entities/dto/permission-organization-application.dto.ts b/src/entities/dto/permission-organization-application.dto.ts
@@ -3,20 +3,21 @@ import * as _ from "lodash";
 export class UserPermissions {
     constructor() {
         this.orgToReadPermissions = new Map();
-        this.orgToUserAdminPermissions = new Set();
+        this.orgToUserAdminPermissions = new Map();
         this.orgToGatewayAdminPermissions = new Set();
         this.orgToApplicationAdminPermissions = new Map();
     }
 
     orgToReadPermissions: Map<number, number[]>;
-    orgToUserAdminPermissions: Set<number>;
+    orgToUserAdminPermissions: Map<number, number[]>;
     orgToGatewayAdminPermissions: Set<number>;
     orgToApplicationAdminPermissions: Map<number, number[]>;
     isGlobalAdmin = false;
 
     getAllApplicationsWithAtLeastRead(): number[] {
         return _.union(
             this.extractValues(this.orgToReadPermissions),
+            this.extractValues(this.orgToUserAdminPermissions),
             this.getAllApplicationsWithAdmin()
         );
     }
@@ -35,12 +36,13 @@ export class UserPermissions {
     getAllOrganizationsWithAtLeastApplicationRead(): number[] {
         return _.union(
             this.extractKeys(this.orgToReadPermissions),
-            this.getAllOrganizationsWithApplicationAdmin()
+            this.getAllOrganizationsWithApplicationAdmin(),
+            this.getAllOrganizationsWithUserAdmin(),
         );
     }
 
     getAllOrganizationsWithUserAdmin(): number[] {
-        return Array.from(this.orgToUserAdminPermissions);
+        return this.extractKeys(this.orgToUserAdminPermissions);
     }
 
     getAllOrganizationsWithGatewayAdmin(): number[] {

diff --git a/src/entities/permissions/permission.entity.ts b/src/entities/permissions/permission.entity.ts
@@ -8,11 +8,13 @@ import {
     TableInheritance,
     OneToMany,
     ManyToOne,
+    RelationId,
 } from "typeorm";
 import { PermissionTypeEntity } from "./permission-type.entity";
 import { Application } from "@entities/application.entity";
 import { Organization } from "@entities/organization.entity";
 import { ApiKey } from "@entities/api-key.entity";
+import { nameof } from "@helpers/type-helper";
 
 @Entity("permission")
 export class Permission extends DbBaseEntity {
@@ -42,6 +44,10 @@ export class Permission extends DbBaseEntity {
     @ManyToMany(() => Application, application => application.permissions)
     applications: Application[];
 
+    // ORM-specific column for extracting only the ids of related applications
+    @RelationId(nameof<Permission>("applications"))
+    applicationIds: Application["id"][];
+
     @Column({ nullable: true, default: false, type: Boolean })
     automaticallyAddNewApplications = false;