From aeb691752c28a8d1a68284b97d05102ec7f198c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Mon, 27 Feb 2023 11:25:45 +0100
Subject: [PATCH] fix: Pass user id along to properly check permissions in
 background jobs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 lib/Service/PermissionService.php | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/lib/Service/PermissionService.php b/lib/Service/PermissionService.php
index 3ec01218e..6f7576819 100644
--- a/lib/Service/PermissionService.php
+++ b/lib/Service/PermissionService.php
@@ -103,21 +103,23 @@ public function getPermissions($boardId, ?string $userId = null) {
 			$userId = $this->userId;
 		}
 
-		if ($cached = $this->permissionCache->get($boardId)) {
+		$cacheKey = $boardId . '-' . $userId;
+		if ($cached = $this->permissionCache->get($cacheKey)) {
 			return $cached;
 		}
 
+
 		$board = $this->getBoard($boardId);
 		$owner = $this->userIsBoardOwner($boardId, $userId);
 		$acls = $board->getDeletedAt() === 0 ? $this->aclMapper->findAll($boardId) : [];
 		$permissions = [
-			Acl::PERMISSION_READ => $owner || $this->userCan($acls, Acl::PERMISSION_READ),
-			Acl::PERMISSION_EDIT => $owner || $this->userCan($acls, Acl::PERMISSION_EDIT),
-			Acl::PERMISSION_MANAGE => $owner || $this->userCan($acls, Acl::PERMISSION_MANAGE),
-			Acl::PERMISSION_SHARE => ($owner || $this->userCan($acls, Acl::PERMISSION_SHARE))
-				&& (!$this->shareManager->sharingDisabledForUser($this->userId))
+			Acl::PERMISSION_READ => $owner || $this->userCan($acls, Acl::PERMISSION_READ, $userId),
+			Acl::PERMISSION_EDIT => $owner || $this->userCan($acls, Acl::PERMISSION_EDIT, $userId),
+			Acl::PERMISSION_MANAGE => $owner || $this->userCan($acls, Acl::PERMISSION_MANAGE, $userId),
+			Acl::PERMISSION_SHARE => ($owner || $this->userCan($acls, Acl::PERMISSION_SHARE, $userId))
+				&& (!$this->shareManager->sharingDisabledForUser($userId))
 		];
-		$this->permissionCache->set((string)$boardId, $permissions);
+		$this->permissionCache->set($cacheKey, $permissions);
 		return $permissions;
 	}