fix(#1): this commit introduces a fix to list individual and inherited permissions for user groups, allowing all of their permissions to be viewed.

https-richardy · https-richardy · commit 11c49eb3f62c · 2026-03-09T16:15:49.000-03:00
diff --git a/Source/HttpsRichardy.Federation.Application/Handlers/User/ListUserAssignedPermissionsHandler.cs b/Source/HttpsRichardy.Federation.Application/Handlers/User/ListUserAssignedPermissionsHandler.cs
@@ -1,6 +1,6 @@
 namespace HttpsRichardy.Federation.Application.Handlers.User;
 
-public sealed class ListUserAssignedPermissionsHandler(IUserCollection collection) :
+public sealed class ListUserAssignedPermissionsHandler(IUserCollection collection, IGroupCollection groupCollection) :
     IDispatchHandler<ListUserAssignedPermissionsParameters, Result<IReadOnlyCollection<PermissionDetailsScheme>>>
 {
     public async Task<Result<IReadOnlyCollection<PermissionDetailsScheme>>> HandleAsync(
@@ -13,8 +13,26 @@ public async Task<Result<IReadOnlyCollection<PermissionDetailsScheme>>> HandleAs
         var users = await collection.GetUsersAsync(filters, cancellation);
         var user = users.FirstOrDefault();
 
-        return user is not null
-            ? Result<IReadOnlyCollection<PermissionDetailsScheme>>.Success(PermissionMapper.AsResponse(user.Permissions))
-            : Result<IReadOnlyCollection<PermissionDetailsScheme>>.Failure(UserErrors.UserDoesNotExist);
+        if (user is null)
+        {
+            return Result<IReadOnlyCollection<PermissionDetailsScheme>>.Failure(UserErrors.UserDoesNotExist);
+        }
+
+        var identifiers = user.Groups
+            .Select(group => group.Id)
+            .ToList();
+
+        var groupFilters = GroupFilters.WithSpecifications()
+            .WithIdentifiers([.. identifiers])
+            .Build();
+
+        var groups = await groupCollection.GetGroupsAsync(groupFilters, cancellation);
+        var permissions = groups
+            .SelectMany(group => group.Permissions)
+            .Concat(user.Permissions)
+            .DistinctBy(permission => permission.Name)
+            .ToList();
+
+        return Result<IReadOnlyCollection<PermissionDetailsScheme>>.Success(PermissionMapper.AsResponse(permissions));
     }
 }
