From a815cc73194941ff0c79835523be4da2d3d0669f Mon Sep 17 00:00:00 2001
From: romit <romitgabani@icloud.com>
Date: Mon, 28 Jul 2025 15:29:54 +0530
Subject: [PATCH 1/2] fix authorization checking logic

---
 packages/lib/server/service/insightsBooking.ts | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/packages/lib/server/service/insightsBooking.ts b/packages/lib/server/service/insightsBooking.ts
index 08a3a7e74685de..acd71b8948150c 100644
--- a/packages/lib/server/service/insightsBooking.ts
+++ b/packages/lib/server/service/insightsBooking.ts
@@ -185,7 +185,9 @@ export class InsightsBookingService {
 
   async getBaseConditions(): Promise<Prisma.Sql> {
     const authConditions = await this.getAuthorizationConditions();
+    console.log("------ authConditions", authConditions);
     const filterConditions = await this.getFilterConditions();
+    console.log("------ filterConditions", filterConditions);
 
     if (authConditions && filterConditions) {
       return Prisma.sql`((${authConditions}) AND (${filterConditions}))`;
@@ -261,14 +263,17 @@ export class InsightsBookingService {
     if (!this.options) {
       return NOTHING_CONDITION;
     }
+
+    if (this.options.scope === "user") {
+      return Prisma.sql`("userId" = ${this.options.userId}) AND ("teamId" IS NULL)`;
+    }
+
     const isOwnerOrAdmin = await this.isOrgOwnerOrAdmin(this.options.userId, this.options.orgId);
     if (!isOwnerOrAdmin) {
       return NOTHING_CONDITION;
     }
 
-    if (this.options.scope === "user") {
-      return Prisma.sql`("userId" = ${this.options.userId}) AND ("teamId" IS NULL)`;
-    } else if (this.options.scope === "org") {
+    if (this.options.scope === "org") {
       return await this.buildOrgAuthorizationCondition(this.options);
     } else if (this.options.scope === "team") {
       return await this.buildTeamAuthorizationCondition(this.options);
@@ -344,6 +349,7 @@ export class InsightsBookingService {
 
   async getCsvData({ limit = 100, offset = 0 }: { limit?: number; offset?: number }) {
     const baseConditions = await this.getBaseConditions();
+    console.log("------ base conditions", baseConditions);
 
     // Get total count first
     const totalCountResult = await this.prisma.$queryRaw<[{ count: number }]>`

From ef0b02ae7246808b722d6cb1a9982dd6b4b17136 Mon Sep 17 00:00:00 2001
From: romit <romitgabani@icloud.com>
Date: Mon, 28 Jul 2025 15:33:53 +0530
Subject: [PATCH 2/2] chore

---
 packages/lib/server/service/insightsBooking.ts | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/packages/lib/server/service/insightsBooking.ts b/packages/lib/server/service/insightsBooking.ts
index acd71b8948150c..4d74226b7e237b 100644
--- a/packages/lib/server/service/insightsBooking.ts
+++ b/packages/lib/server/service/insightsBooking.ts
@@ -185,9 +185,7 @@ export class InsightsBookingService {
 
   async getBaseConditions(): Promise<Prisma.Sql> {
     const authConditions = await this.getAuthorizationConditions();
-    console.log("------ authConditions", authConditions);
     const filterConditions = await this.getFilterConditions();
-    console.log("------ filterConditions", filterConditions);
 
     if (authConditions && filterConditions) {
       return Prisma.sql`((${authConditions}) AND (${filterConditions}))`;
@@ -349,7 +347,6 @@ export class InsightsBookingService {
 
   async getCsvData({ limit = 100, offset = 0 }: { limit?: number; offset?: number }) {
     const baseConditions = await this.getBaseConditions();
-    console.log("------ base conditions", baseConditions);
 
     // Get total count first
     const totalCountResult = await this.prisma.$queryRaw<[{ count: number }]>`