fix(server): doc owner and default role permission (#10281)

2026-02-13 12:55:00 +00:00 · 2025-02-19 16:29:46 +08:00
parent 61ee5531f4
commit 521ee9d374
3 changed files with 72 additions and 14 deletions
--- a/packages/backend/server/src/core/permission/service.ts
+++ b/packages/backend/server/src/core/permission/service.ts
@@ -613,6 +613,8 @@ export class PermissionService {
        }),
      ]);

+      const defaultPageRole = pageEntity?.defaultRole ?? DocRole.Manager;
+
      if (
        // Page role exists, check it first
        (roleEntity && roleEntity.type >= role) ||
@@ -625,7 +627,7 @@ export class PermissionService {
          workspaceRoleEntity.type !== WorkspaceRole.External &&
          Math.max(
            roleEntity?.type ?? Number.MIN_SAFE_INTEGER,
-            pageEntity?.defaultRole ?? Number.MIN_SAFE_INTEGER
+            defaultPageRole
          ) >= role)
      ) {
        return true;
@@ -638,9 +640,7 @@ export class PermissionService {
          ? WorkspaceRole[workspaceRoleEntity.type]
          : undefined,
        pageRole: roleEntity ? DocRole[roleEntity.type] : undefined,
-        pageDefaultRole: pageEntity
-          ? DocRole[pageEntity.defaultRole]
-          : undefined,
+        pageDefaultRole: DocRole[defaultPageRole],
        requiredRole: DocRole[role],
        action,
      };
--- a/packages/backend/server/src/core/workspaces/resolvers/doc.ts
+++ b/packages/backend/server/src/core/workspaces/resolvers/doc.ts
@@ -155,7 +155,8 @@ export class WorkspaceDocResolver {

  constructor(
    private readonly prisma: PrismaClient,
-    private readonly permission: PermissionService
+    private readonly permission: PermissionService,
+    private readonly models: Models
  ) {}

  @ResolveField(() => [DocType], {
@@ -209,17 +210,19 @@ export class WorkspaceDocResolver {
      },
    });

-    if (!doc) {
-      return {
-        docId,
-        workspaceId: workspace.id,
-        mode: PublicDocMode.Page,
-        public: false,
-        defaultRole: DocRole.Manager,
-      };
+    if (doc) {
+      return doc;
    }

-    return doc;
+    await this.tryFixDocOwner(workspace.id, docId);
+
+    return {
+      docId,
+      workspaceId: workspace.id,
+      mode: PublicDocMode.Page,
+      public: false,
+      defaultRole: DocRole.Manager,
+    };
  }

  @Mutation(() => DocType, {
@@ -331,6 +334,58 @@ export class WorkspaceDocResolver {

    return this.permission.revokePublicPage(docId.workspace, docId.guid);
  }
+
+  private async tryFixDocOwner(workspaceId: string, docId: string) {
+    const exists = await this.models.doc.exists(workspaceId, docId);
+
+    // skip if doc not even exists
+    if (!exists) {
+      return;
+    }
+
+    const owner = await this.prisma.workspaceDocUserPermission.findFirst({
+      where: {
+        workspaceId,
+        docId,
+        type: DocRole.Owner,
+      },
+    });
+
+    // skip if owner of already exists
+    if (owner) {
+      return;
+    }
+
+    // try snapshot.createdBy first
+    const snapshot = await this.prisma.snapshot.findUnique({
+      select: {
+        createdBy: true,
+      },
+      where: {
+        workspaceId_id: {
+          workspaceId,
+          id: docId,
+        },
+      },
+    });
+
+    let fixedOwner = snapshot?.createdBy;
+
+    // try workspace.owner
+    if (!fixedOwner) {
+      const owner = await this.permission.getWorkspaceOwner(workspaceId);
+      fixedOwner = owner.id;
+    }
+
+    await this.prisma.workspaceDocUserPermission.create({
+      data: {
+        workspaceId,
+        docId,
+        userId: fixedOwner,
+        type: DocRole.Owner,
+      },
+    });
+  }
 }

@Resolver(() => DocType)