documize/model/permission/space.go

// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
//
// This software (Documize Community Edition) is licensed under
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
//
// You can operate outside the AGPL restrictions by purchasing
// Documize Enterprise Edition and obtaining a commercial license
// by contacting <sales@documize.com>.
//
// https://documize.com

package permission

// Record represents space permissions for a user on a space.
// This data structure is made from database permission records for the space,
// and it is designed to be sent to HTTP clients (web, mobile).
type Record struct {
	OrgID            string  `json:"orgId"`
	SpaceID          string  `json:"folderId"`
	WhoID            string  `json:"whoId"`
	Who              WhoType `json:"who"`
	SpaceView        bool    `json:"spaceView"`
	SpaceManage      bool    `json:"spaceManage"`
	SpaceOwner       bool    `json:"spaceOwner"`
	DocumentAdd      bool    `json:"documentAdd"`
	DocumentEdit     bool    `json:"documentEdit"`
	DocumentDelete   bool    `json:"documentDelete"`
	DocumentMove     bool    `json:"documentMove"`
	DocumentCopy     bool    `json:"documentCopy"`
	DocumentTemplate bool    `json:"documentTemplate"`
	DocumentApprove  bool    `json:"documentApprove"`
	Name             string  `json:"name"` // read-only, user or group name
}

// DecodeUserPermissions returns a flat, usable permission summary record
// from multiple user permission records for a given space.
func DecodeUserPermissions(perm []Permission) (r Record) {
	r = Record{}

	if len(perm) > 0 {
		r.OrgID = perm[0].OrgID
		r.WhoID = perm[0].WhoID
		r.Who = perm[0].Who
		r.SpaceID = perm[0].RefID
	}

	for _, p := range perm {
		switch p.Action {
		case SpaceView:
			r.SpaceView = true
		case SpaceManage:
			r.SpaceManage = true
		case SpaceOwner:
			r.SpaceOwner = true

		case DocumentAdd:
			r.DocumentAdd = true
		case DocumentEdit:
			r.DocumentEdit = true
		case DocumentDelete:
			r.DocumentDelete = true
		case DocumentMove:
			r.DocumentMove = true
		case DocumentCopy:
			r.DocumentCopy = true
		case DocumentTemplate:
			r.DocumentTemplate = true
		case DocumentApprove:
			r.DocumentApprove = true
		}
	}

	return
}

// EncodeUserPermissions returns multiple user permission records
// for a given space, using flat permission summary record.
func EncodeUserPermissions(r Record) (perm []Permission) {
	if r.SpaceView {
		perm = append(perm, EncodeRecord(r, SpaceView))
	}
	if r.SpaceManage {
		perm = append(perm, EncodeRecord(r, SpaceManage))
	}
	if r.SpaceOwner {
		perm = append(perm, EncodeRecord(r, SpaceOwner))
	}

	if r.DocumentAdd {
		perm = append(perm, EncodeRecord(r, DocumentAdd))
	}
	if r.DocumentEdit {
		perm = append(perm, EncodeRecord(r, DocumentEdit))
	}
	if r.DocumentDelete {
		perm = append(perm, EncodeRecord(r, DocumentDelete))
	}
	if r.DocumentMove {
		perm = append(perm, EncodeRecord(r, DocumentMove))
	}
	if r.DocumentCopy {
		perm = append(perm, EncodeRecord(r, DocumentCopy))
	}
	if r.DocumentTemplate {
		perm = append(perm, EncodeRecord(r, DocumentTemplate))
	}
	if r.DocumentApprove {
		perm = append(perm, EncodeRecord(r, DocumentApprove))
	}

	return
}

// HasAnyPermission returns true if user has at least one permission.
func HasAnyPermission(p Record) bool {
	return p.SpaceView || p.SpaceManage || p.SpaceOwner || p.DocumentAdd || p.DocumentEdit ||
		p.DocumentDelete || p.DocumentMove || p.DocumentCopy || p.DocumentTemplate || p.DocumentApprove
}

// EncodeRecord creates standard permission record representing user permissions for a space.
func EncodeRecord(r Record, a Action) (p Permission) {
	p = Permission{}
	p.OrgID = r.OrgID
	p.Who = r.Who
	p.WhoID = r.WhoID
	p.Location = LocationSpace
	p.RefID = r.SpaceID
	p.Action = a
	p.Scope = ScopeRow

	return
}

// CategoryViewRequestModel represents who should be allowed to see a category.
type CategoryViewRequestModel struct {
	OrgID      string `json:"orgId"`
	SpaceID    string `json:"folderId"`
	CategoryID string `json:"categoryID"`
	UserID     string `json:"userId"`
}

// SpaceRequestModel details which users have what permissions on a given space.
type SpaceRequestModel struct {
	Message     string
	Permissions []Record
}
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.`
			`//`
			`// This software (Documize Community Edition) is licensed under`
			`// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html`
			`//`
			`// You can operate outside the AGPL restrictions by purchasing`
			`// Documize Enterprise Edition and obtaining a commercial license`
			`// by contacting <sales@documize.com>.`
			`//`
			`// https://documize.com`

refactored permission code 2017-09-18 17:53:42 +01:00			`package permission`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00
refactored permission code 2017-09-18 17:53:42 +01:00			`// Record represents space permissions for a user on a space.`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`// This data structure is made from database permission records for the space,`
			`// and it is designed to be sent to HTTP clients (web, mobile).`
refactored permission code 2017-09-18 17:53:42 +01:00			`type Record struct {`
Persist space permissions for groups and users 2018-03-03 17:46:29 +00:00			OrgID string `json:"orgId"`
			SpaceID string `json:"folderId"`
			WhoID string `json:"whoId"`
			Who WhoType `json:"who"`
			SpaceView bool `json:"spaceView"`
			SpaceManage bool `json:"spaceManage"`
			SpaceOwner bool `json:"spaceOwner"`
			DocumentAdd bool `json:"documentAdd"`
			DocumentEdit bool `json:"documentEdit"`
			DocumentDelete bool `json:"documentDelete"`
			DocumentMove bool `json:"documentMove"`
			DocumentCopy bool `json:"documentCopy"`
			DocumentTemplate bool `json:"documentTemplate"`
			DocumentApprove bool `json:"documentApprove"`
			Name string `json:"name"` // read-only, user or group name
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`

			`// DecodeUserPermissions returns a flat, usable permission summary record`
			`// from multiple user permission records for a given space.`
refactored permission code 2017-09-18 17:53:42 +01:00			`func DecodeUserPermissions(perm []Permission) (r Record) {`
			`r = Record{}`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00
			`if len(perm) > 0 {`
			`r.OrgID = perm[0].OrgID`
Persist space permissions for groups and users 2018-03-03 17:46:29 +00:00			`r.WhoID = perm[0].WhoID`
			`r.Who = perm[0].Who`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`r.SpaceID = perm[0].RefID`
			`}`

			`for _, p := range perm {`
			`switch p.Action {`
			`case SpaceView:`
			`r.SpaceView = true`
			`case SpaceManage:`
			`r.SpaceManage = true`
			`case SpaceOwner:`
			`r.SpaceOwner = true`

			`case DocumentAdd:`
			`r.DocumentAdd = true`
			`case DocumentEdit:`
			`r.DocumentEdit = true`
			`case DocumentDelete:`
			`r.DocumentDelete = true`
			`case DocumentMove:`
			`r.DocumentMove = true`
			`case DocumentCopy:`
			`r.DocumentCopy = true`
			`case DocumentTemplate:`
			`r.DocumentTemplate = true`
document approvals and protection 2017-12-24 15:51:43 +00:00			`case DocumentApprove:`
			`r.DocumentApprove = true`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`}`

			`return`
			`}`

			`// EncodeUserPermissions returns multiple user permission records`
			`// for a given space, using flat permission summary record.`
refactored permission code 2017-09-18 17:53:42 +01:00			`func EncodeUserPermissions(r Record) (perm []Permission) {`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`if r.SpaceView {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, SpaceView))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.SpaceManage {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, SpaceManage))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.SpaceOwner {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, SpaceOwner))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`

			`if r.DocumentAdd {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentAdd))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.DocumentEdit {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentEdit))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.DocumentDelete {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentDelete))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.DocumentMove {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentMove))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.DocumentCopy {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentCopy))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
			`if r.DocumentTemplate {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`perm = append(perm, EncodeRecord(r, DocumentTemplate))`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`}`
document approvals and protection 2017-12-24 15:51:43 +00:00			`if r.DocumentApprove {`
			`perm = append(perm, EncodeRecord(r, DocumentApprove))`
			`}`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00
			`return`
			`}`

persist permissions WIP 2017-09-15 11:08:05 +01:00			`// HasAnyPermission returns true if user has at least one permission.`
refactored permission code 2017-09-18 17:53:42 +01:00			`func HasAnyPermission(p Record) bool {`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`return p.SpaceView \|\| p.SpaceManage \|\| p.SpaceOwner \|\| p.DocumentAdd \|\| p.DocumentEdit \|\|`
document approvals and protection 2017-12-24 15:51:43 +00:00			`p.DocumentDelete \|\| p.DocumentMove \|\| p.DocumentCopy \|\| p.DocumentTemplate \|\| p.DocumentApprove`
persist permissions WIP 2017-09-15 11:08:05 +01:00			`}`

			`// EncodeRecord creates standard permission record representing user permissions for a space.`
refactored permission code 2017-09-18 17:53:42 +01:00			`func EncodeRecord(r Record, a Action) (p Permission) {`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`p = Permission{}`
			`p.OrgID = r.OrgID`
Persist space permissions for groups and users 2018-03-03 17:46:29 +00:00			`p.Who = r.Who`
			`p.WhoID = r.WhoID`
Replace permission related strings with typed values 2018-03-02 14:47:58 +00:00			`p.Location = LocationSpace`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00			`p.RefID = r.SpaceID`
			`p.Action = a`
Replace permission related strings with typed values 2018-03-02 14:47:58 +00:00			`p.Scope = ScopeRow`
new permission endpoint WIP 2017-09-14 12:54:57 +01:00
			`return`
			`}`
category permission admin, re-vamped view layout 2017-09-21 15:48:00 +01:00
			`// CategoryViewRequestModel represents who should be allowed to see a category.`
			`type CategoryViewRequestModel struct {`
			OrgID string `json:"orgId"`
			SpaceID string `json:"folderId"`
			CategoryID string `json:"categoryID"`
			UserID string `json:"userId"`
			`}`
document level permissions 2017-12-26 13:25:10 +00:00
			`// SpaceRequestModel details which users have what permissions on a given space.`
			`type SpaceRequestModel struct {`
			`Message string`
			`Permissions []Record`
			`}`