From 1870efc3d0c3d316b3db03cf023752d09a8e3613 Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Mon, 3 Oct 2022 22:36:46 +0200 Subject: [PATCH] add CANNOT_SEE relation to posts in groups --- backend/src/schema/resolvers/posts.js | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/backend/src/schema/resolvers/posts.js b/backend/src/schema/resolvers/posts.js index 5bdda96ab..65f7a1b33 100644 --- a/backend/src/schema/resolvers/posts.js +++ b/backend/src/schema/resolvers/posts.js @@ -112,6 +112,29 @@ export default { params.id = params.id || uuid() const session = context.driver.session() const writeTxResultPromise = session.writeTransaction(async (transaction) => { + let groupCypher = '' + if (groupId) { + groupCypher = ` + WITH post MATCH (group:Group { id: $groupId }) + MERGE (post)-[:IN]->(group)` + const groupTypeResponse = await transaction.run( + ` + MATCH (group:Group { id: $groupId }) RETURN group.groupType AS groupType`, + { groupId }, + ) + const [groupType] = groupTypeResponse.records.map((record) => record.get('groupType')) + if (groupType !== 'public') + groupCypher += ` + WITH post, group + MATCH (user:User)-[membership:MEMBER_OF]->(group) + WHERE group.groupType IN ['closed', 'hidden'] + AND membership.role IN ['usual', 'admin', 'owner'] + WITH post, collect(user.id) AS userIds + OPTIONAL MATCH path =(blocked:User) WHERE NOT blocked.id IN userIds + FOREACH (user IN nodes(path) | + MERGE (user)-[:CANNOT_SEE]->(post) + )` + } const categoriesCypher = CONFIG.CATEGORIES_ACTIVE && categoryIds ? `WITH post @@ -119,10 +142,6 @@ export default { MATCH (category:Category {id: categoryId}) MERGE (post)-[:CATEGORIZED]->(category)` : '' - const groupCypher = groupId - ? `WITH post MATCH (group:Group { id: $groupId }) - MERGE (post)-[:IN]->(group)` - : '' const createPostTransactionResponse = await transaction.run( ` CREATE (post:Post)