1 год назад · b97db4c8a2
--- a/apps/app/src/server/routes/apiv3/page/index.ts
+++ b/apps/app/src/server/routes/apiv3/page/index.ts
@@ -661,7 +661,7 @@ module.exports = (crowi) => {
 
				         }
			
 
				 
			
 
				         const userRelatedGroups = await pageGrantService.getUserRelatedGroups(user);
			
 
				-        const isUserGrantedPageAccess = await pageGrantService.isUserGrantedPageAccess(page, user, userRelatedGroups);
			
 
				+        const isUserGrantedPageAccess = await pageGrantService.isUserGrantedPageAccess(page, user, userRelatedGroups, true);
			
 
				         if (!isUserGrantedPageAccess) {
			
 
				           return res.apiv3Err(new ErrorV3('Cannot access page or ancestor.', 'cannot_access_page'), 403);
			
 
				         }
			
--- a/apps/app/src/server/service/page-grant.ts
+++ b/apps/app/src/server/service/page-grant.ts
@@ -106,7 +106,7 @@ export interface IPageGrantService {
 
				   getUserRelatedGrantedGroups: (page: PageDocument, user) => Promise<IGrantedGroup[]>,
			
 
				   getUserRelatedGrantedGroupsSyncronously: (userRelatedGroups: PopulatedGrantedGroup[], page: PageDocument) => IGrantedGroup[],
			
 
				   getNonUserRelatedGrantedGroups: (page: PageDocument, user) => Promise<IGrantedGroup[]>,
			
 
				-  isUserGrantedPageAccess: (page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[]) => boolean,
			
 
				+  isUserGrantedPageAccess: (page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[], allowAnyoneWithTheLink?: boolean) => boolean,
			
 
				   getPageGroupGrantData: (page: PageDocument, user) => Promise<GroupGrantData>,
			
 
				   calcApplicableGrantData: (page, user) => Promise<IRecordApplicableGrant>
			
 
				 }
			
@@ -789,8 +789,9 @@ class PageGrantService implements IPageGrantService {
 
				   /**
			
 
				    * Check if user is granted access to page
			
 
				    */
			
 
				-  isUserGrantedPageAccess(page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[]): boolean {
			
 
				+  isUserGrantedPageAccess(page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[], allowAnyoneWithTheLink = false): boolean {
			
 
				     if (page.grant === PageGrant.GRANT_PUBLIC) return true;
			
 
				+    if (page.grant === PageGrant.GRANT_RESTRICTED && allowAnyoneWithTheLink) return true;
			
 
				     if (page.grant === PageGrant.GRANT_OWNER) return page.grantedUsers?.includes(user._id.toString()) ?? false;
			
 
				     if (page.grant === PageGrant.GRANT_USER_GROUP) return this.getUserRelatedGrantedGroupsSyncronously(userRelatedGroups, page).length > 0;
			
 
				     return false;