From cd8e667f39f4bddbefb84c06768d267908671193 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Wed, 6 Sep 2023 00:23:19 +0200
Subject: [PATCH 1/2] Fix permission sdk usage on auth middleware

---
 .../server/src/sdk/app/permissions/index.ts    | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

diff --git a/packages/server/src/sdk/app/permissions/index.ts b/packages/server/src/sdk/app/permissions/index.ts
index 53f6756ae1..b79bfeeb31 100644
--- a/packages/server/src/sdk/app/permissions/index.ts
+++ b/packages/server/src/sdk/app/permissions/index.ts
@@ -1,18 +1,13 @@
-import { context, db, env, roles } from "@budibase/backend-core"
+import { db, env, roles } from "@budibase/backend-core"
 import { features } from "@budibase/pro"
 import {
   DocumentType,
   PermissionLevel,
   PermissionSource,
   PlanType,
-  Role,
   VirtualDocumentType,
 } from "@budibase/types"
-import {
-  extractViewInfoFromID,
-  getRoleParams,
-  isViewID,
-} from "../../../db/utils"
+import { extractViewInfoFromID, isViewID } from "../../../db/utils"
 import {
   CURRENTLY_SUPPORTED_LEVELS,
   getBasePermissions,
@@ -84,13 +79,8 @@ export async function allowsExplicitPermissions(resourceId: string) {
 export async function getResourcePerms(
   resourceId: string
 ): Promise<ResourcePermissions> {
-  const db = context.getAppDB()
-  const body = await db.allDocs(
-    getRoleParams(null, {
-      include_docs: true,
-    })
-  )
-  const rolesList = body.rows.map<Role>(row => row.doc)
+  const rolesList = await roles.getAllRoles()
+
   let permissions: ResourcePermissions = {}
 
   const permsToInherit = await getInheritablePermissions(resourceId)

From b0dc777af722d828f219b7869797b5ae4316af15 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Wed, 6 Sep 2023 01:34:39 +0200
Subject: [PATCH 2/2] Fix role tests

---
 packages/backend-core/src/security/roles.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/backend-core/src/security/roles.ts b/packages/backend-core/src/security/roles.ts
index 05d536562b..e87df2e9c9 100644
--- a/packages/backend-core/src/security/roles.ts
+++ b/packages/backend-core/src/security/roles.ts
@@ -380,8 +380,8 @@ export function getDBRoleID(roleName: string) {
 export function getExternalRoleID(roleId: string, version?: string) {
   // for built-in roles we want to remove the DB role ID element (role_)
   if (
-    (roleId.startsWith(DocumentType.ROLE) && isBuiltin(roleId)) ||
-    version === RoleIDVersion.NAME
+    roleId.startsWith(DocumentType.ROLE) &&
+    (isBuiltin(roleId) || version === RoleIDVersion.NAME)
   ) {
     return roleId.split(`${DocumentType.ROLE}${SEPARATOR}`)[1]
   }