rename

server/models/Document.ts

@@ -13,7 +13,6 @@ import {
   Transaction,
   Op,
   FindOptions,
-  ScopeOptions,
   WhereOptions,
   EmptyResultError,
 } from "sequelize";
@@ -106,20 +105,6 @@ type AdditionalFindOptions = {
   },
 }))
 @Scopes(() => ({
-  withCollectionPermissions: (userId: string, paranoid = true) => ({
-    include: [
-      {
-        attributes: ["id", "permission", "sharing", "teamId", "deletedAt"],
-        model: userId
-          ? Collection.scope({
-              method: ["withMembership", userId],
-            })
-          : Collection,
-        as: "collection",
-        paranoid,
-      },
-    ],
-  }),
   withoutState: {
     attributes: {
       exclude: ["state"],
@@ -169,13 +154,23 @@ type AdditionalFindOptions = {
       ],
     };
   },
-  withMembership: (userId: string) => {
+  withMembership: (userId: string, paranoid = true) => {
     if (!userId) {
       return {};
     }
 
     return {
       include: [
+        {
+          attributes: ["id", "permission", "sharing", "teamId", "deletedAt"],
+          model: userId
+            ? Collection.scope({
+                method: ["withMembership", userId],
+              })
+            : Collection,
+          as: "collection",
+          paranoid,
+        },
         {
           association: "memberships",
           where: {
@@ -637,21 +632,15 @@ class Document extends ArchivableModel<
     return uniq(membershipUserIds);
   }
 
-  static defaultScopeWithUser(userId: string) {
-    const collectionScope: Readonly<ScopeOptions> = {
-      method: ["withCollectionPermissions", userId],
-    };
-    const viewScope: Readonly<ScopeOptions> = {
-      method: ["withViews", userId],
-    };
-    const membershipScope: Readonly<ScopeOptions> = {
-      method: ["withMembership", userId],
-    };
+  static withMembershipScope(userId: string, options?: FindOptions<Document>) {
     return this.scope([
       "defaultScope",
-      collectionScope,
-      viewScope,
-      membershipScope,
+      {
+        method: ["withViews", userId],
+      },
+      {
+        method: ["withMembership", userId, options?.paranoid],
+      },
     ]);
   }
 
@@ -685,14 +674,12 @@ class Document extends ArchivableModel<
     // almost every endpoint needs the collection membership to determine policy permissions.
     const scope = this.scope([
       "withDrafts",
-      {
-        method: ["withCollectionPermissions", userId, rest.paranoid],
-      },
+      options.includeState ? "withState" : "withoutState",
       {
         method: ["withViews", userId],
       },
       {
-        method: ["withMembership", userId],
+        method: ["withMembership", userId, rest.paranoid],
       },
     ]);
 
@@ -750,9 +737,6 @@ class Document extends ArchivableModel<
     const user = userId ? await User.findByPk(userId) : null;
     const documents = await this.scope([
       "withDrafts",
-      {
-        method: ["withCollectionPermissions", userId, rest.paranoid],
-      },
       {
         method: ["withViews", userId],
       },

server/models/helpers/SearchHelper.ts

@@ -182,25 +182,16 @@ export default class SearchHelper {
       },
     ];
 
-    return Document.scope([
-      "withDrafts",
-      {
-        method: ["withViews", user.id],
-      },
-      {
-        method: ["withCollectionPermissions", user.id],
-      },
-      {
-        method: ["withMembership", user.id],
-      },
-    ]).findAll({
-      where,
-      subQuery: false,
-      order: [["updatedAt", "DESC"]],
-      include,
-      offset,
-      limit,
-    });
+    return Document.withMembershipScope(user.id)
+      .scope("withDrafts")
+      .findAll({
+        where,
+        subQuery: false,
+        order: [["updatedAt", "DESC"]],
+        include,
+        offset,
+        limit,
+      });
   }
 
   public static async searchCollectionsForUser(
@@ -273,23 +264,14 @@ export default class SearchHelper {
 
       // Final query to get associated document data
       const [documents, count] = await Promise.all([
-        Document.scope([
-          "withDrafts",
-          {
-            method: ["withViews", user.id],
-          },
-          {
-            method: ["withCollectionPermissions", user.id],
-          },
-          {
-            method: ["withMembership", user.id],
-          },
-        ]).findAll({
-          where: {
-            teamId: user.teamId,
-            id: map(results, "id"),
-          },
-        }),
+        Document.withMembershipScope(user.id)
+          .scope("withDrafts")
+          .findAll({
+            where: {
+              teamId: user.teamId,
+              id: map(results, "id"),
+            },
+          }),
         results.length < limit && offset === 0
           ? Promise.resolve(results.length)
           : countQuery,

server/routes/api/documents/documents.ts

@@ -268,7 +268,7 @@ router.post(
     }
 
     const [documents, total] = await Promise.all([
-      Document.defaultScopeWithUser(user.id).findAll({
+      Document.withMembershipScope(user.id).findAll({
         where,
         order: [
           [
@@ -348,7 +348,7 @@ router.post(
       };
     }
 
-    const documents = await Document.defaultScopeWithUser(user.id).findAll({
+    const documents = await Document.withMembershipScope(user.id).findAll({
       where,
       order: [
         [
@@ -397,15 +397,11 @@ router.post(
     const membershipScope: Readonly<ScopeOptions> = {
       method: ["withMembership", user.id],
     };
-    const collectionScope: Readonly<ScopeOptions> = {
-      method: ["withCollectionPermissions", user.id],
-    };
     const viewScope: Readonly<ScopeOptions> = {
       method: ["withViews", user.id],
     };
     const documents = await Document.scope([
       membershipScope,
-      collectionScope,
       viewScope,
       "withDrafts",
     ]).findAll({
@@ -539,12 +535,14 @@ router.post(
       delete where.updatedAt;
     }
 
-    const documents = await Document.defaultScopeWithUser(user.id).findAll({
-      where,
-      order: [[sort, direction]],
-      offset: ctx.state.pagination.offset,
-      limit: ctx.state.pagination.limit,
-    });
+    const documents = await Document.withMembershipScope(user.id)
+      .scope("withDrafts")
+      .findAll({
+        where,
+        order: [[sort, direction]],
+        offset: ctx.state.pagination.offset,
+        limit: ctx.state.pagination.limit,
+      });
     const data = await Promise.all(
       documents.map((document) => presentDocument(ctx, document))
     );
@@ -2033,13 +2031,7 @@ router.post(
     const collectionIds = await user.collectionIds({
       paranoid: false,
     });
-    const collectionScope: Readonly<ScopeOptions> = {
-      method: ["withCollectionPermissions", user.id],
-    };
-    const documents = await Document.scope([
-      collectionScope,
-      "withDrafts",
-    ]).findAll({
+    const documents = await Document.scope("withDrafts").findAll({
       attributes: ["id"],
       where: {
         deletedAt: {

server/routes/api/groupMemberships/groupMemberships.ts

@@ -24,6 +24,7 @@ router.post(
   async (ctx: APIContext<T.GroupMembershipsListReq>) => {
     const { groupId } = ctx.input.body;
     const { user } = ctx.state.auth;
+    const userId = user.id;
 
     const memberships = await GroupMembership.findAll({
       where: {
@@ -44,7 +45,7 @@ router.post(
               association: "groupUsers",
               required: true,
               where: {
-                userId: user.id,
+                userId,
               },
             },
           ],
@@ -57,15 +58,13 @@ router.post(
     const documentIds = memberships
       .map((p) => p.documentId)
       .filter(Boolean) as string[];
-    const documents = await Document.scope([
-      "withDrafts",
-      { method: ["withMembership", user.id] },
-      { method: ["withCollectionPermissions", user.id] },
-    ]).findAll({
-      where: {
-        id: documentIds,
-      },
-    });
+    const documents = await Document.withMembershipScope(userId)
+      .scope("withDrafts")
+      .findAll({
+        where: {
+          id: documentIds,
+        },
+      });
 
     const groups = uniqBy(
       memberships.map((membership) => membership.group),

server/routes/api/pins/pins.ts

@@ -113,7 +113,7 @@ router.post(
       user.collectionIds(),
     ]);
 
-    const documents = await Document.defaultScopeWithUser(user.id).findAll({
+    const documents = await Document.withMembershipScope(user.id).findAll({
       where: {
         id: pins.map((pin) => pin.documentId),
         collectionId: collectionIds,

server/routes/api/stars/stars.ts

@@ -94,7 +94,7 @@ router.post(
       .map((star) => star.documentId)
       .filter(Boolean) as string[];
     const documents = documentIds.length
-      ? await Document.defaultScopeWithUser(user.id).findAll({
+      ? await Document.withMembershipScope(user.id).findAll({
           where: {
             id: documentIds,
             collectionId: collectionIds,

server/routes/api/userMemberships/userMemberships.ts

@@ -1,5 +1,4 @@
 import Router from "koa-router";
-
 import { Op, Sequelize } from "sequelize";
 import auth from "@server/middlewares/authentication";
 import { transaction } from "@server/middlewares/transaction";
@@ -46,14 +45,8 @@ router.post(
     const documentIds = memberships
       .map((p) => p.documentId)
       .filter(Boolean) as string[];
-    const documents = await Document.scope([
-      "withDrafts",
-      { method: ["withMembership", user.id] },
-      { method: ["withCollectionPermissions", user.id] },
-    ]).findAll({
-      where: {
-        id: documentIds,
-      },
+    const documents = await Document.findByIds(documentIds, {
+      userId: user.id,
     });
 
     const policies = presentPolicies(user, [...documents, ...memberships]);

server/utils/permissions.ts

@@ -99,10 +99,7 @@ export const getDocumentPermission = async ({
   documentId: string;
   skipMembershipId?: string;
 }): Promise<DocumentPermission | undefined> => {
-  const document = await Document.scope({
-    method: ["withCollectionPermissions", userId],
-  }).findOne({ where: { id: documentId } });
-
+  const document = await Document.findByPk(documentId, { userId });
   const permissions: DocumentPermission[] = [];
 
   const collection = document?.collection;