fix: do not apply FLP on root folder

webiny · Nov 8, 2023 · f98288a · f98288a
1 parent a80396d
commit f98288a
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 13 deletions.
diff --git a/packages/api-aco/src/utils/FolderLevelPermissions.ts b/packages/api-aco/src/utils/FolderLevelPermissions.ts
@@ -403,12 +403,7 @@ export class FolderLevelPermissions {
     }
 
     async canCreateFolderInRoot() {
-        if (!this.canUseFolderLevelPermissions()) {
-            return true;
-        }
-
-        const permissions = await this.listPermissions();
-        return permissions.some(p => p.name === "*");
+        return true;
     }
 
     async filterFolders(params: FilterFoldersParams) {

diff --git a/packages/app-aco/src/contexts/folders.tsx b/packages/app-aco/src/contexts/folders.tsx
@@ -4,7 +4,6 @@ import { FolderItem, Loading, LoadingActions } from "~/types";
 import { AcoAppContext } from "~/contexts/app";
 import { useFoldersApi } from "~/hooks";
 import { ROOT_FOLDER } from "~/constants";
-import { useSecurity } from "@webiny/app-security";
 import { useWcp } from "@webiny/app-wcp/hooks/useWcp";
 
 interface FoldersContext {
@@ -50,7 +49,6 @@ export const FoldersProvider: React.VFC<Props> = ({ children, ...props }) => {
     const [folders, setFolders] = useState<FolderItem[] | null>(null);
     const [loading, setLoading] = useState<Loading<LoadingActions>>(defaultLoading);
     const foldersApi = useFoldersApi();
-    const { getPermission } = useSecurity();
     const { canUseFolderLevelPermissions } = useWcp();
 
     const app = appContext ? appContext.app : undefined;
@@ -144,13 +142,13 @@ export const FoldersProvider: React.VFC<Props> = ({ children, ...props }) => {
                     return true;
                 }
 
-                if (id !== ROOT_FOLDER) {
-                    const folder = folders?.find(folder => folder.id === id);
-                    return !!folder?.canManageStructure;
+                // FLP doesn't apply to root folder.
+                if (id === ROOT_FOLDER) {
+                    return true;
                 }
 
-                // Root folder can be managed only if the user has full access.
-                return !!getPermission("*");
+                const folder = folders?.find(folder => folder.id === id);
+                return !!folder?.canManageStructure;
             }
         };
     }, [folders, loading, setLoading, setFolders]);