From 7a5572ad7cfa62a412b11e30f51c4a2004082b0a Mon Sep 17 00:00:00 2001
From: Nikolay Zlatev <nik@astrapaging.com>
Date: Mon, 16 Oct 2023 09:41:49 +0300
Subject: [PATCH] user.Manager: further improve ACL write/read order

For each user, we should test in order `THE_LONGEST_RULE`->`WRITE_PERMISSION`
---
 user/manager.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/user/manager.go b/user/manager.go
index bf69d35b..123edf84 100644
--- a/user/manager.go
+++ b/user/manager.go
@@ -161,7 +161,7 @@ const (
 		FROM user_access a
 		JOIN user u ON u.id = a.user_id
 		WHERE (u.user = ? OR u.user = ?) AND ? LIKE a.topic ESCAPE '\'
-		ORDER BY u.user DESC, a.write DESC
+		ORDER BY u.user DESC, LENGTH(a.topic) DESC, a.write DESC
 	`
 
 	insertUserQuery = `
@@ -197,13 +197,13 @@ const (
 	selectUserAllAccessQuery = `
 		SELECT user_id, topic, read, write
 		FROM user_access
-		ORDER BY write DESC, read DESC, topic
+		ORDER BY LENGTH(topic) DESC, write DESC, read DESC, topic
 	`
 	selectUserAccessQuery = `
 		SELECT topic, read, write
 		FROM user_access
 		WHERE user_id = (SELECT id FROM user WHERE user = ?)
-		ORDER BY write DESC, read DESC, topic
+		ORDER BY LENGTH(topic) DESC, write DESC, read DESC, topic
 	`
 	selectUserReservationsQuery = `
 		SELECT a_user.topic, a_user.read, a_user.write, a_everyone.read AS everyone_read, a_everyone.write AS everyone_write