From 498cd02d49db6b48d58c651485f5a2e5045e316d Mon Sep 17 00:00:00 2001
From: Yang Luo <hsluoyz@qq.com>
Date: Wed, 8 Nov 2023 09:48:31 +0800
Subject: [PATCH] feat: add GetAllowedApplications() in user's app homepage

---
 controllers/application.go |  6 ++++++
 object/application.go      | 29 +++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+)

diff --git a/controllers/application.go b/controllers/application.go
index 2751a694..699f0dc3 100644
--- a/controllers/application.go
+++ b/controllers/application.go
@@ -173,6 +173,12 @@ func (c *ApiController) GetOrganizationApplications() {
 			return
 		}
 
+		applications, err = object.GetAllowedApplications(applications, userId)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
 		c.ResponseOk(object.GetMaskedApplications(applications, userId))
 	} else {
 		limit := util.ParseInt(limit)
diff --git a/object/application.go b/object/application.go
index 5d28a2bd..93400dc5 100644
--- a/object/application.go
+++ b/object/application.go
@@ -345,6 +345,35 @@ func GetMaskedApplications(applications []*Application, userId string) []*Applic
 	return applications
 }
 
+func GetAllowedApplications(applications []*Application, userId string) ([]*Application, error) {
+	if isUserIdGlobalAdmin(userId) {
+		return applications, nil
+	}
+
+	user, err := GetUser(userId)
+	if err != nil {
+		return nil, err
+	}
+
+	if user.IsAdmin {
+		return applications, nil
+	}
+
+	res := []*Application{}
+	for _, application := range applications {
+		var allowed bool
+		allowed, err = CheckLoginPermission(userId, application)
+		if err != nil {
+			return nil, err
+		}
+
+		if allowed {
+			res = append(res, application)
+		}
+	}
+	return res, nil
+}
+
 func UpdateApplication(id string, application *Application) (bool, error) {
 	owner, name := util.GetOwnerAndNameFromId(id)
 	oldApplication, err := getApplication(owner, name)