fix(typesense): fetch task comments without permission check
Some checks failed
continuous-integration/drone/push Build is failing

Fetching the task comments during indexing would always check the permissions - in the specific case of indexing comments into Typesense, this will always return true, because we're checking with the owner of the project. Because this is a rather expensive operation, it is even more unnecessary.
This commit is contained in:
kolaente 2024-11-02 18:41:50 +01:00
parent e8bf5e33f7
commit 3f62c013ba
Signed by: konrad
GPG Key ID: F40E70337AB24C9B
2 changed files with 7 additions and 28 deletions

View File

@ -252,6 +252,10 @@ func (tc *TaskComment) ReadAll(s *xorm.Session, auth web.Auth, search string, pa
return nil, 0, 0, ErrGenericForbidden{}
}
return tc.getAllCommentsForTasksWithoutPermissionCheck(s, search, page, perPage)
}
func (tc *TaskComment) getAllCommentsForTasksWithoutPermissionCheck(s *xorm.Session, search string, page int, perPage int) (result []*TaskComment, resultCount int, numberOfTotalItems int64, err error) {
// Because we can't extend the type in general, we need to do this here.
// Not a good solution, but saves performance.
type TaskCommentWithAuthor struct {

View File

@ -247,35 +247,11 @@ func ReindexAllTasks() (err error) {
return
}
func getTypesenseTaskForTask(s *xorm.Session, task *Task, projectsCache map[int64]*Project, taskPositionCache map[int64][]*TaskPositionWithView, taskBucketCache map[int64][]*TaskBucket) (ttask *typesenseTask, err error) {
func getTypesenseTaskForTask(s *xorm.Session, task *Task, taskPositionCache map[int64][]*TaskPositionWithView, taskBucketCache map[int64][]*TaskBucket) (ttask *typesenseTask, err error) {
ttask = convertTaskToTypesenseTask(task, taskPositionCache[task.ID], taskBucketCache[task.ID])
var p *Project
if projectsCache == nil {
p, err = GetProjectSimpleByID(s, task.ProjectID)
if err != nil {
if IsErrProjectDoesNotExist(err) {
return nil, nil
}
return nil, fmt.Errorf("could not fetch project %d: %s", task.ProjectID, err.Error())
}
} else {
var has bool
p, has = projectsCache[task.ProjectID]
if !has {
p, err = GetProjectSimpleByID(s, task.ProjectID)
if err != nil {
if IsErrProjectDoesNotExist(err) {
return nil, nil
}
return nil, fmt.Errorf("could not fetch project %d: %s", task.ProjectID, err.Error())
}
projectsCache[task.ProjectID] = p
}
}
comment := &TaskComment{TaskID: task.ID}
ttask.Comments, _, _, err = comment.ReadAll(s, &user.User{ID: p.OwnerID}, "", -1, -1)
ttask.Comments, _, _, err = comment.getAllCommentsForTasksWithoutPermissionCheck(s, "", -1, -1)
if err != nil {
return nil, fmt.Errorf("could not fetch comments for task %d: %s", task.ID, err.Error())
}
@ -299,7 +275,6 @@ func reindexTasksInTypesense(s *xorm.Session, tasks map[int64]*Task) (err error)
return fmt.Errorf("could not fetch more task info: %s", err.Error())
}
projects := make(map[int64]*Project)
typesenseTasks := []interface{}{}
positionsByTask, err := getPositionsByTask(s)
@ -314,7 +289,7 @@ func reindexTasksInTypesense(s *xorm.Session, tasks map[int64]*Task) (err error)
for _, task := range tasks {
ttask, err := getTypesenseTaskForTask(s, task, projects, positionsByTask, bucketsByTask)
ttask, err := getTypesenseTaskForTask(s, task, positionsByTask, bucketsByTask)
if err != nil {
return err
}