|
1 | 1 | import { FederationMatrix, MeteorError, Team } from '@rocket.chat/core-services'; |
2 | 2 | import { |
3 | 3 | type IRoom, |
| 4 | + type IRoomAbacRedaction, |
4 | 5 | type IUpload, |
5 | 6 | type RequiredField, |
6 | 7 | type RoomAdminFieldsType, |
@@ -89,6 +90,7 @@ import { |
89 | 90 | findChannelAndPrivateAutocompleteWithPagination, |
90 | 91 | findRoomsAvailableForTeams, |
91 | 92 | } from '../lib/rooms'; |
| 93 | +import { scopeAdminRoomsForAbac } from '../lib/scopeAdminRoomsForAbac'; |
92 | 94 |
|
93 | 95 | export async function findRoomByIdOrName({ |
94 | 96 | params, |
@@ -712,10 +714,15 @@ API.v1.get( |
712 | 714 | authRequired: true, |
713 | 715 | query: isRoomsAdminRoomsProps, |
714 | 716 | response: { |
715 | | - 200: ajv.compile<{ rooms: IRoom[]; count: number; offset: number; total: number }>({ |
| 717 | + 200: ajv.compile<{ |
| 718 | + rooms: Array<Pick<IRoom, RoomAdminFieldsType> & IRoomAbacRedaction>; |
| 719 | + count: number; |
| 720 | + offset: number; |
| 721 | + total: number; |
| 722 | + }>({ |
716 | 723 | type: 'object', |
717 | 724 | properties: { |
718 | | - rooms: { type: 'array', items: { type: 'object' } }, // relaxed: IRoom with admin fields |
| 725 | + rooms: { type: 'array', items: { type: 'object' } }, // relaxed: IRoom with admin fields + optional ABAC redaction |
719 | 726 | count: { type: 'number' }, |
720 | 727 | offset: { type: 'number' }, |
721 | 728 | total: { type: 'number' }, |
@@ -785,10 +792,17 @@ API.v1.get( |
785 | 792 | authRequired: true, |
786 | 793 | query: isRoomsAdminRoomsGetRoomProps, |
787 | 794 | response: { |
788 | | - 200: ajv.compile<Pick<IRoom, RoomAdminFieldsType>>({ |
| 795 | + 200: ajv.compile<Pick<IRoom, RoomAdminFieldsType> & IRoomAbacRedaction>({ |
789 | 796 | allOf: [ |
790 | 797 | { $ref: '#/components/schemas/IRoomAdmin' }, |
791 | | - { type: 'object', properties: { success: { type: 'boolean', enum: [true] } }, required: ['success'] }, |
| 798 | + { |
| 799 | + type: 'object', |
| 800 | + properties: { |
| 801 | + success: { type: 'boolean', enum: [true] }, |
| 802 | + abacAttributesRedacted: { type: 'boolean' }, |
| 803 | + }, |
| 804 | + required: ['success'], |
| 805 | + }, |
792 | 806 | ], |
793 | 807 | }), |
794 | 808 | 400: validateBadRequestErrorResponse, |
@@ -1447,7 +1461,7 @@ export const roomEndpoints = API.v1 |
1447 | 1461 | 401: validateUnauthorizedErrorResponse, |
1448 | 1462 | 403: validateUnauthorizedErrorResponse, |
1449 | 1463 | 200: ajv.compile<{ |
1450 | | - rooms: IRoom[]; |
| 1464 | + rooms: Array<Pick<IRoom, RoomAdminFieldsType> & IRoomAbacRedaction>; |
1451 | 1465 | count: number; |
1452 | 1466 | offset: number; |
1453 | 1467 | total: number; |
@@ -1485,7 +1499,7 @@ export const roomEndpoints = API.v1 |
1485 | 1499 | const [rooms, total] = await Promise.all([cursor.map(stripABACManagedFieldsForAdmin).toArray(), totalCount]); |
1486 | 1500 |
|
1487 | 1501 | return API.v1.success({ |
1488 | | - rooms, |
| 1502 | + rooms: await scopeAdminRoomsForAbac(rooms, this.userId), |
1489 | 1503 | count: rooms.length, |
1490 | 1504 | offset, |
1491 | 1505 | total, |
|
0 commit comments