Merge pull request #6410 from devtron-labs/fix-sub-user

prkhrkat · web-flow · commit bd9d4f7435ad · 2025-02-20T16:28:36.000+05:30
misc: pipeline listing in app Group
diff --git a/pkg/pipeline/CdHandler.go b/pkg/pipeline/CdHandler.go
@@ -1056,11 +1056,12 @@ func (impl *CdHandlerImpl) FetchAppWorkflowStatusForTriggerViewForEnvironment(re
 		appObjectArr = append(appObjectArr, object[0])
 		envObjectArr = append(envObjectArr, object[1])
 	}
-	appResults, envResults := request.CheckAuthBatch(token, appObjectArr, envObjectArr)
+
+	// filter out pipelines for unauthorized apps but not envs
+	appResults, _ := request.CheckAuthBatch(token, appObjectArr, envObjectArr)
 	for _, pipeline := range pipelines {
 		appObject := objects[pipeline.Id][0]
-		envObject := objects[pipeline.Id][1]
-		if !(appResults[appObject] && envResults[envObject]) {
+		if !(appResults[appObject]) {
 			// if user unauthorized, skip items
 			continue
 		}
diff --git a/pkg/pipeline/DeploymentPipelineConfigService.go b/pkg/pipeline/DeploymentPipelineConfigService.go
@@ -1183,21 +1183,23 @@ func (impl *CdPipelineConfigServiceImpl) GetCdPipelinesByEnvironment(request res
 		appObjectArr = append(appObjectArr, object[0])
 		envObjectArr = append(envObjectArr, object[1])
 	}
-	appResults, envResults := request.CheckAuthBatch(token, appObjectArr, envObjectArr)
-	//authorization block ends here
+
+	// filter out pipelines for unauthorized apps but not envs
+	appResults, _ := request.CheckAuthBatch(token, appObjectArr, envObjectArr)
+
 	span.End()
 	var pipelines []*bean.CDPipelineConfigObject
 	authorizedPipelines := make(map[int]*bean.CDPipelineConfigObject)
 	for _, dbPipeline := range cdPipelines.Pipelines {
 		appObject := objects[dbPipeline.Id][0]
-		envObject := objects[dbPipeline.Id][1]
-		if !(appResults[appObject] && envResults[envObject]) {
+		if !(appResults[appObject]) {
 			//if user unauthorized, skip items
 			continue
 		}
 		pipelineIds = append(pipelineIds, dbPipeline.Id)
 		authorizedPipelines[dbPipeline.Id] = dbPipeline
 	}
+	//authorization block ends here
 
 	pipelineDeploymentTemplate := make(map[int]chartRepoRepository.DeploymentStrategy)
 	pipelineWorkflowMapping := make(map[int]*appWorkflow.AppWorkflowMapping)
