< Summary

Information

Class:	Chronicis.Api.Services.ReadAccessPolicyService
Assembly:	Chronicis.Api
File(s):	/home/runner/work/chronicis/chronicis/src/Chronicis.Api/Services/ReadAccessPolicyService.cs

Line coverage

100%

Covered lines:	26
Uncovered lines:	0
Coverable lines:	26
Total lines:	81
Line coverage:	100%

Branch coverage

N/A

Covered branches:	0
Total branches:	0
Branch coverage:	N/A

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
ApplyPublicWorldFilter(...)	100%	1	1	100%
ApplyAuthenticatedWorldFilter(...)	100%	1	1	100%
ApplyPublicVisibilityFilter(...)	100%	1	1	100%
ApplyPublicArticleFilter(...)	100%	1	1	100%
ApplyTutorialArticleFilter(...)	100%	1	1	100%
ApplyAuthenticatedWorldArticleFilter(...)	100%	1	1	100%
ApplyAuthenticatedReadableArticleFilter(...)	100%	1	1	100%
ApplyAuthenticatedCampaignFilter(...)	100%	1	1	100%
ApplyAuthenticatedArcFilter(...)	100%	1	1	100%
CanReadWorld(...)	100%	1	1	100%
CanReadMemberScopedEntity(...)	100%	1	1	100%

File(s)

/home/runner/work/chronicis/chronicis/src/Chronicis.Api/Services/ReadAccessPolicyService.cs

#	Line	Line coverage
	`1`	`using Chronicis.Shared.Enums;`
	`2`	`using Chronicis.Shared.Models;`
	`3`
	`4`	`namespace Chronicis.Api.Services;`
	`5`
	`6`	`public sealed class ReadAccessPolicyService : IReadAccessPolicyService`
	`7`	`{`
	`8`	`public IQueryable<World> ApplyPublicWorldFilter(IQueryable<World> worlds)`
	`9`	`{`
1	`10`	`return worlds.Where(w => w.IsPublic);`
	`11`	`}`
	`12`
	`13`	`public IQueryable<World> ApplyAuthenticatedWorldFilter(IQueryable<World> worlds, Guid userId)`
	`14`	`{`
5	`15`	`return worlds.Where(w => w.Members.Any(m => m.UserId == userId));`
	`16`	`}`
	`17`
	`18`	`public IQueryable<Article> ApplyPublicVisibilityFilter(IQueryable<Article> articles)`
	`19`	`{`
4	`20`	`return articles.Where(a => a.Visibility == ArticleVisibility.Public);`
	`21`	`}`
	`22`
	`23`	`public IQueryable<Article> ApplyPublicArticleFilter(IQueryable<Article> articles, Guid worldId)`
	`24`	`{`
1	`25`	`return ApplyPublicVisibilityFilter(articles)`
1	`26`	`.Where(a => a.WorldId == worldId);`
	`27`	`}`
	`28`
	`29`	`public IQueryable<Article> ApplyTutorialArticleFilter(IQueryable<Article> articles)`
	`30`	`{`
2	`31`	`return articles.Where(a => a.Type == ArticleType.Tutorial && a.WorldId == Guid.Empty);`
	`32`	`}`
	`33`
	`34`	`public IQueryable<Article> ApplyAuthenticatedWorldArticleFilter(IQueryable<Article> articles, Guid userId)`
	`35`	`{`
60	`36`	`return articles`
60	`37`	`.Where(a => a.Type != ArticleType.Tutorial && a.WorldId != Guid.Empty)`
60	`38`	`.Where(a => a.World != null && a.World.Members.Any(m => m.UserId == userId))`
60	`39`	`.Where(a => a.Visibility != ArticleVisibility.Private \|\| a.CreatedBy == userId);`
	`40`	`}`
	`41`
	`42`	`public IQueryable<Article> ApplyAuthenticatedReadableArticleFilter(IQueryable<Article> articles, Guid userId)`
	`43`	`{`
	`44`	`// Single predicate instead of Concat of two filtered queries.`
	`45`	`//`
	`46`	`// Why: EF Core translates IQueryable.Concat/Union/Except into SQL set operations (UNION ALL / UNION / EXCEPT),`
	`47`	`// and entities returned from set operations are materialized as UNTRACKED, regardless of the underlying`
	`48`	`// DbSet's tracking behavior. That caused writes (e.g., ArticlesController.UpdateArticle) that read an`
	`49`	`// entity through this filter, mutated it, and called SaveChangesAsync to silently no-op because the change`
	`50`	`// tracker never saw the entity as Modified.`
	`51`	`//`
	`52`	`// A single .Where(...) predicate preserves the same semantic matrix (tutorials + membership-scoped world`
	`53`	`// articles respecting private ownership) while keeping returned entities tracked.`
19	`54`	`return articles.Where(a =>`
19	`55`	`(a.Type == ArticleType.Tutorial && a.WorldId == Guid.Empty)`
19	`56`	`\|\|`
19	`57`	`(a.Type != ArticleType.Tutorial`
19	`58`	`&& a.WorldId != Guid.Empty`
19	`59`	`&& a.World != null`
19	`60`	`&& a.World.Members.Any(m => m.UserId == userId)`
19	`61`	`&& (a.Visibility != ArticleVisibility.Private \|\| a.CreatedBy == userId)));`
	`62`	`}`
	`63`
	`64`	`public IQueryable<Campaign> ApplyAuthenticatedCampaignFilter(IQueryable<Campaign> campaigns, Guid userId)`
	`65`	`{`
3	`66`	`return campaigns`
3	`67`	`.Where(c => c.World != null && c.World.Members.Any(m => m.UserId == userId));`
	`68`	`}`
	`69`
	`70`	`public IQueryable<Arc> ApplyAuthenticatedArcFilter(IQueryable<Arc> arcs, Guid userId)`
	`71`	`{`
3	`72`	`return arcs`
3	`73`	`.Where(a => a.Campaign != null`
3	`74`	`&& a.Campaign.World != null`
3	`75`	`&& a.Campaign.World.Members.Any(m => m.UserId == userId));`
	`76`	`}`
	`77`
3	`78`	`public bool CanReadWorld(bool isPublic, bool userIsMember) => isPublic \|\| userIsMember;`
	`79`
2	`80`	`public bool CanReadMemberScopedEntity(bool userIsMember) => userIsMember;`
	`81`	`}`

< Summary

Metrics

File(s)

/home/runner/work/chronicis/chronicis/src/Chronicis.Api/Services/ReadAccessPolicyService.cs

Methods/Properties