From c6ba8054163024cd6156c3223b5013a8430c80db Mon Sep 17 00:00:00 2001
From: Thomasr <techninjas514@thecoderagency.com>
Date: Wed, 28 May 2025 04:22:33 -0400
Subject: [PATCH] Fixed groupApiservice(hasReadPermission) and
 ResourcePermissionHandler(orgUserPermissionMono). Add superAdmin to
 permission.

---
 .../domain/permission/service/ResourcePermissionHandler.java  | 4 ++--
 .../org/lowcoder/api/usermanagement/GroupApiServiceImpl.java  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/permission/service/ResourcePermissionHandler.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/permission/service/ResourcePermissionHandler.java
index e5c54b6087..a7f7862985 100644
--- a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/permission/service/ResourcePermissionHandler.java
+++ b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/permission/service/ResourcePermissionHandler.java
@@ -249,7 +249,7 @@ public Mono<UserPermissionOnResourceStatus> checkUserPermissionStatusOnApplicati
         Mono<UserPermissionOnResourceStatus> orgUserPermissionMono = getOrgId(resourceId)
                 .flatMap(orgId -> orgMemberService.getOrgMember(orgId, userId))
                 .flatMap(orgMember -> {
-                    if (orgMember.isAdmin()) {
+                    if (orgMember.isAdmin() || orgMember.isSuperAdmin()) {
                         return Mono.just(UserPermissionOnResourceStatus.success(buildAdminPermission(resourceType, resourceId, userId)));
                     }
                     return getAllMatchingPermissions0(userId, orgMember.getOrgId(), resourceType, Collections.singleton(resourceId), resourceAction)
@@ -308,7 +308,7 @@ public Mono<UserPermissionOnResourceStatus> checkUserPermissionStatusOnBundle(St
         Mono<UserPermissionOnResourceStatus> orgUserPermissionMono = getOrgId(resourceId)
                 .flatMap(orgId -> orgMemberService.getOrgMember(orgId, userId))
                 .flatMap(orgMember -> {
-                    if (orgMember.isAdmin()) {
+                    if (orgMember.isAdmin() || orgMember.isSuperAdmin()) {
                         return Mono.just(UserPermissionOnResourceStatus.success(buildAdminPermission(resourceType, resourceId, userId)));
                     }
                     return getAllMatchingPermissions0(userId, orgMember.getOrgId(), resourceType, Collections.singleton(resourceId), resourceAction)
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/usermanagement/GroupApiServiceImpl.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/usermanagement/GroupApiServiceImpl.java
index 1ae81589aa..55b5f2adb1 100644
--- a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/usermanagement/GroupApiServiceImpl.java
+++ b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/usermanagement/GroupApiServiceImpl.java
@@ -118,7 +118,7 @@ public Mono<GroupMemberAggregateView> getGroupMembers(String groupId, int page,
     private boolean hasReadPermission(Tuple2<GroupMember, OrgMember> tuple) {
         GroupMember groupMember = tuple.getT1();
         OrgMember orgMember = tuple.getT2();
-        return groupMember.isValid() || orgMember.isAdmin();
+        return orgMember.isSuperAdmin() || groupMember.isValid() || orgMember.isAdmin();
     }
 
     private boolean hasManagePermission(Tuple2<GroupMember, OrgMember> tuple) {