From 0d5f49e40aaa415ae43f58cd60f09586317a1bfd Mon Sep 17 00:00:00 2001
From: Yang Luo <hsluoyz@qq.com>
Date: Fri, 8 Mar 2024 16:15:31 +0800
Subject: [PATCH] fix: fix GetResources() bug for app users

---
 controllers/resource.go |  4 ++--
 controllers/util.go     | 26 +++++++++++++++++++++++++-
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/controllers/resource.go b/controllers/resource.go
index dd1f6883..f9cffee6 100644
--- a/controllers/resource.go
+++ b/controllers/resource.go
@@ -52,12 +52,12 @@ func (c *ApiController) GetResources() {
 	sortField := c.Input().Get("sortField")
 	sortOrder := c.Input().Get("sortOrder")
 
-	userObj, ok := c.RequireSignedInUser()
+	isOrgAdmin, ok := c.IsOrgAdmin()
 	if !ok {
 		return
 	}
 
-	if userObj != nil && userObj.IsAdmin {
+	if isOrgAdmin {
 		user = ""
 	}
 
diff --git a/controllers/util.go b/controllers/util.go
index e1916354..f6992297 100644
--- a/controllers/util.go
+++ b/controllers/util.go
@@ -108,12 +108,12 @@ func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
 		c.ResponseError(err.Error())
 		return nil, false
 	}
-
 	if user == nil {
 		c.ClearUserSession()
 		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
 		return nil, false
 	}
+
 	return user, true
 }
 
@@ -130,6 +130,30 @@ func (c *ApiController) RequireAdmin() (string, bool) {
 	return user.Owner, true
 }
 
+func (c *ApiController) IsOrgAdmin() (bool, bool) {
+	userId, ok := c.RequireSignedIn()
+	if !ok {
+		return false, true
+	}
+
+	if strings.HasPrefix(userId, "app/") {
+		return true, true
+	}
+
+	user, err := object.GetUser(userId)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return false, false
+	}
+	if user == nil {
+		c.ClearUserSession()
+		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
+		return false, false
+	}
+
+	return user.IsAdmin, true
+}
+
 // IsMaskedEnabled ...
 func (c *ApiController) IsMaskedEnabled() (bool, bool) {
 	isMaskEnabled := true