From 4fc9be14c649957e31e78751b4b161d5ebd94913 Mon Sep 17 00:00:00 2001
From: androidlover5842
Date: Sun, 1 Feb 2026 22:18:40 +0530
Subject: [PATCH] Filter user lists by role hierarchy
---
 .../controller/property/Properties.kt | 24 +++++++++++++++++--
 .../controller/property/UserDirectory.kt | 23 +++++++++++++++++-
 2 files changed, 44 insertions(+), 3 deletions(-)
diff --git a/src/main/kotlin/com/android/trisolarisserver/controller/property/Properties.kt b/src/main/kotlin/com/android/trisolarisserver/controller/property/Properties.kt
index 1c7f9ca..3f2f6ef 100644
--- a/src/main/kotlin/com/android/trisolarisserver/controller/property/Properties.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/property/Properties.kt
@@ -101,8 +101,14 @@ class Properties(
 requirePrincipal(principal)
 propertyAccess.requireMember(propertyId, principal!!.userId)
 propertyAccess.requireAnyRole(propertyId, principal.userId, Role.ADMIN, Role.MANAGER)
- val users = propertyUserRepo.findByIdPropertyId(propertyId)
- return users.filter { it.id.userId != principal.userId }.map {
+ val actorUser = appUserRepo.findById(principal.userId).orElse(null)
+ val actorRoles = propertyUserRepo.findRolesByPropertyAndUser(propertyId, principal.userId)
+ val actorRank = rankForUser(actorUser?.superAdmin == true, actorRoles)
+ val users = propertyUserRepo.findByPropertyIdWithUser(propertyId)
+ return users
+ .filter { it.id.userId != principal.userId }
+ .filter { actorRank >= rankForUser(it.user.superAdmin, it.roles) }
+ .map {
 PropertyUserResponse(
 userId = it.id.userId!!,
 propertyId = it.id.propertyId!!,
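Review bot: The new `.filter { actorRank >= rankForUser(it.user.superAdmin, it.roles) }` is inclusive, so a MANAGER caller still receives every other MANAGER and an ADMIN every other ADMIN, and nothing in the code says whether that is the intended policy. Because this predicate is an access-control decision, I would state it in a comment directly above the filter, e.g. `// Visibility rule: callers see members at or below their own rank; equal-rank peers are included on purpose.`, or change the operator to `>` if peers are meant to be hidden. The same predicate is repeated in the UserDirectory.kt hunk at -56,13 +56,20 and needs the same decision. The enclosing handler starts and ends outside this hunk.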
@@ -271,6 +277,20 @@ class Properties(
 throw ResponseStatusException(HttpStatus.BAD_REQUEST, "Unknown transport mode")
 }
 }
+
+ private fun rankForUser(isSuperAdmin: Boolean, roles: Set): Int {
+ if (isSuperAdmin) return 500
+ return roles.maxOfOrNull { roleRank(it) } ?: 0
+ }
+
+ private fun roleRank(role: Role): Int {
+ return when (role) {
+ Role.ADMIN -> 400
+ Role.MANAGER -> 300
+ Role.STAFF, Role.HOUSEKEEPING, Role.FINANCE, Role.SUPERVISOR, Role.GUIDE -> 200
+ Role.AGENT -> 100
+ }
+ }
 }
 
 private fun Property.toResponse(): PropertyResponse {
diff --git a/src/main/kotlin/com/android/trisolarisserver/controller/property/UserDirectory.kt b/src/main/kotlin/com/android/trisolarisserver/controller/property/UserDirectory.kt
index 29e343b..c82030f 100644
--- a/src/main/kotlin/com/android/trisolarisserver/controller/property/UserDirectory.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/property/UserDirectory.kt
@@ -56,13 +56,20 @@ class UserDirectory(
 propertyAccess.requireMember(propertyId, resolved.userId)
 propertyAccess.requireAnyRole(propertyId, resolved.userId, Role.ADMIN)
 
+ val actorUser = appUserRepo.findById(resolved.userId).orElse(null)
+ val actorRoles = propertyUserRepo.findRolesByPropertyAndUser(propertyId, resolved.userId)
+ val actorRank = rankForUser(actorUser?.superAdmin == true, actorRoles)
+
 val digits = phone?.filter { it.isDigit() }.orEmpty()
 val users = when {
 phone == null -> propertyUserRepo.findByPropertyIdWithUser(propertyId)
 digits.length < 6 -> return emptyList()
 else -> propertyUserRepo.findByPropertyIdAndPhoneLike(propertyId, digits)
 }
- return users.filter { it.id.userId != resolved.userId }.map {
+ return users
+ .filter { it.id.userId != resolved.userId }
+ .filter { actorRank >= rankForUser(it.user.superAdmin, it.roles) }
+ .map {
 val user = it.user
 PropertyUserDetailsResponse(
 userId = it.id.userId!!,
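Review bot: `rankForUser` and `roleRank` are added here and again, token for token, in UserDirectory.kt (hunk -75,4 +82,18), so the hierarchy that decides who may see whom now lives in two private copies that can drift apart. I would keep a single definition that both controllers call, presumably next to the `propertyAccess` checks, although that class is not visible in this patch. The bare ranks 500/400/300/200/100 would read better as named constants with a KDoc line such as `/** Higher rank sees lower or equal rank; super admin outranks every property role. */`. The `when` without an `else` is worth keeping as it is, since a newly added `Role` will then fail compilation until it is given a rank.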
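Review bot: The actor-rank lookup (`appUserRepo.findById` plus `findRolesByPropertyAndUser`) sits above the `when`, so both queries run even when `digits.length < 6 -> return emptyList()` exits without ever using `actorRank`. Moving the three `val actor…` lines below the `when` block keeps the short-input path free of those queries. Separately, `actorUser?.superAdmin == true` ranks a caller whose user row is missing by property roles alone; that fails closed, but a comment such as `// missing user row => not super admin (fail closed)` would make the intent explicit. The enclosing function starts and ends outside this hunk.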
@@ -75,4 +82,18 @@ class UserDirectory(
 )
 }
 }
+
+ private fun rankForUser(isSuperAdmin: Boolean, roles: Set): Int {
+ if (isSuperAdmin) return 500
+ return roles.maxOfOrNull { roleRank(it) } ?: 0
+ }
+
+ private fun roleRank(role: Role): Int {
+ return when (role) {
+ Role.ADMIN -> 400
+ Role.MANAGER -> 300
+ Role.STAFF, Role.HOUSEKEEPING, Role.FINANCE, Role.SUPERVISOR, Role.GUIDE -> 200
+ Role.AGENT -> 100
+ }
+ }
 }