mirror of
https://github.com/documize/community.git
synced 2025-07-22 22:59:43 +02:00
Replace permission related strings with typed values
parent
99f0a16d71
commit
08f0c2cd0b
8 changed files with 72 additions and 58 deletions
|
@ -82,10 +82,10 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
perm := pm.Permission{}
|
||||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = pm.UserPermission
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "category"
|
||||
perm.Scope = pm.ScopeRow
|
||||
perm.Location = pm.LocationCategory
|
||||
perm.RefID = cat.RefID
|
||||
perm.Action = pm.CategoryView
|
||||
|
||||
|
|
|
@ -30,7 +30,6 @@ import (
|
|||
"github.com/documize/community/model/audit"
|
||||
"github.com/documize/community/model/permission"
|
||||
"github.com/documize/community/model/space"
|
||||
"github.com/documize/community/model/user"
|
||||
)
|
||||
|
||||
// Handler contains the runtime information such as logging and database.
|
||||
|
@ -178,10 +177,10 @@ func (h *Handler) SetSpacePermissions(w http.ResponseWriter, r *http.Request) {
|
|||
if !me {
|
||||
perm := permission.Permission{}
|
||||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = permission.UserPermission
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = id
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
@ -236,9 +235,6 @@ func (h *Handler) GetSpacePermissions(w http.ResponseWriter, r *http.Request) {
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(perms) == 0 {
|
||||
perms = []permission.Permission{}
|
||||
}
|
||||
|
||||
userPerms := make(map[string][]permission.Permission)
|
||||
for _, p := range perms {
|
||||
|
@ -269,9 +265,6 @@ func (h *Handler) GetUserSpacePermissions(w http.ResponseWriter, r *http.Request
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(perms) == 0 {
|
||||
perms = []permission.Permission{}
|
||||
}
|
||||
|
||||
record := permission.DecodeUserPermissions(perms)
|
||||
response.WriteJSON(w, record)
|
||||
|
@ -293,9 +286,6 @@ func (h *Handler) GetCategoryViewers(w http.ResponseWriter, r *http.Request) {
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(u) == 0 {
|
||||
u = []user.User{}
|
||||
}
|
||||
|
||||
response.WriteJSON(w, u)
|
||||
}
|
||||
|
@ -316,9 +306,6 @@ func (h *Handler) GetCategoryPermissions(w http.ResponseWriter, r *http.Request)
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(u) == 0 {
|
||||
u = []permission.Permission{}
|
||||
}
|
||||
|
||||
response.WriteJSON(w, u)
|
||||
}
|
||||
|
@ -380,10 +367,10 @@ func (h *Handler) SetCategoryPermissions(w http.ResponseWriter, r *http.Request)
|
|||
for _, m := range model {
|
||||
perm := permission.Permission{}
|
||||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = permission.UserPermission
|
||||
perm.WhoID = m.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "category"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationCategory
|
||||
perm.RefID = m.CategoryID
|
||||
perm.Action = permission.CategoryView
|
||||
|
||||
|
@ -418,9 +405,6 @@ func (h *Handler) GetDocumentPermissions(w http.ResponseWriter, r *http.Request)
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(perms) == 0 {
|
||||
perms = []permission.Permission{}
|
||||
}
|
||||
|
||||
userPerms := make(map[string][]permission.Permission)
|
||||
for _, p := range perms {
|
||||
|
@ -451,9 +435,6 @@ func (h *Handler) GetUserDocumentPermissions(w http.ResponseWriter, r *http.Requ
|
|||
response.WriteServerError(w, method, err)
|
||||
return
|
||||
}
|
||||
if len(perms) == 0 {
|
||||
perms = []permission.Permission{}
|
||||
}
|
||||
|
||||
record := permission.DecodeUserDocumentPermissions(perms)
|
||||
response.WriteJSON(w, record)
|
||||
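Review bot: In GetCategoryViewers and GetCategoryPermissions the slice `u` is passed straight to `response.WriteJSON`, and the `if len(u) == 0 { u = []user.User{} }` style guard appears to be dropped (each hunk goes from 9 old lines to 6 new ones). Assuming WriteJSON uses encoding/json, a nil slice from the store would then be serialised as `null` rather than `[]`. Whether the store layer always returns a non-nil slice is not visible in this commit, so either confirm that or record it next to the call, e.g. `// store returns an empty, non-nil slice when no rows match`. The same guard also disappears from GetSpacePermissions, GetUserSpacePermissions, GetDocumentPermissions and GetUserDocumentPermissions, but there `perms` is ranged over or decoded before being written, so the visible lines do not depend on it.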
|
|
|
@ -110,10 +110,10 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
perm := permission.Permission{}
|
||||
perm.OrgID = sp.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = permission.UserPermission
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = sp.RefID
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
@ -800,10 +800,10 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
perm := permission.Permission{}
|
||||
perm.OrgID = sp.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = permission.UserPermission
|
||||
perm.WhoID = u.RefID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = sp.RefID
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
|
|
@ -64,10 +64,10 @@ func inviteNewUserToSharedSpace(ctx domain.RequestContext, rt *env.Runtime, s *d
|
|||
|
||||
perm := permission.Permission{}
|
||||
perm.OrgID = sp.OrgID
|
||||
perm.Who = "user"
|
||||
perm.Who = permission.UserPermission
|
||||
perm.WhoID = userID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = sp.RefID
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
|
|
@ -42,8 +42,8 @@ func TestSpace(t *testing.T) {
|
|||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = spaceID
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
@ -109,8 +109,8 @@ func TestSpace(t *testing.T) {
|
|||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = spaceID2
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
|
@ -170,8 +170,8 @@ func TestSpace(t *testing.T) {
|
|||
perm.OrgID = ctx.OrgID
|
||||
perm.Who = "user"
|
||||
perm.WhoID = ctx.UserID
|
||||
perm.Scope = "object"
|
||||
perm.Location = "space"
|
||||
perm.Scope = permission.ScopeRow
|
||||
perm.Location = permission.LocationSpace
|
||||
perm.RefID = spaceID
|
||||
perm.Action = "" // we send array for actions below
|
||||
|
||||
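Review bot: All three TestSpace hunks keep `perm.Who = "user"` as a literal while the Scope and Location assignments next to it move to `permission.ScopeRow` and `permission.LocationSpace`. The literal still compiles because an untyped string constant converts to the new WhoType, so the test would not notice if the constant's value ever diverged from it. Use `perm.Who = permission.UserPermission` in each of the three places so the test goes through the same identifiers as the handlers. TestSpace starts and ends outside these hunks.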
|
|
|
@ -17,15 +17,48 @@ import "time"
|
|||
type Permission struct {
|
||||
ID uint64 `json:"id"`
|
||||
OrgID string `json:"orgId"`
|
||||
Who string `json:"who"` // user, role
|
||||
Who WhoType `json:"who"` // user, role
|
||||
WhoID string `json:"whoId"` // either a user or role ID
|
||||
Action Action `json:"action"` // view, edit, delete
|
||||
Scope string `json:"scope"` // object, table
|
||||
Location string `json:"location"` // table name
|
||||
Scope ScopeType `json:"scope"` // object, table
|
||||
Location LocationType `json:"location"` // table name
|
||||
RefID string `json:"refId"` // id of row in table / blank when scope=table
|
||||
Created time.Time `json:"created"`
|
||||
}
|
||||
|
||||
// WhoType tell us if permission record represents user or group
|
||||
type WhoType string
|
||||
|
||||
const (
|
||||
// GroupPermission means permission is assigned to a group
|
||||
GroupPermission WhoType = "role"
|
||||
|
||||
// UserPermission means permission is assigned to a user
|
||||
UserPermission WhoType = "user"
|
||||
)
|
||||
|
||||
// LocationType tells us the entity being permissioned
|
||||
type LocationType string
|
||||
|
||||
const (
|
||||
// LocationSpace means space is being permissioned
|
||||
LocationSpace LocationType = "space"
|
||||
|
||||
// LocationCategory means category is being permissioned
|
||||
LocationCategory LocationType = "category"
|
||||
|
||||
// LocationDocument means document is being permissioned
|
||||
LocationDocument LocationType = "document"
|
||||
)
|
||||
|
||||
// ScopeType details at what level data is being protected, e.g. table, row
|
||||
type ScopeType string
|
||||
|
||||
const (
|
||||
// ScopeRow identifies row in table is being protected
|
||||
ScopeRow ScopeType = "object"
|
||||
)
|
||||
|
||||
// Action details type of action
|
||||
type Action string
|
||||
|
||||
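Review bot: WhoType, LocationType and ScopeType are plain named strings, so they constrain literals at compile time only; a Permission decoded from JSON or read back from storage still accepts any value in `who`, `scope` and `location`. If Permission is ever populated from request input (not visible in this commit), compare those fields against the declared constants before the record is stored or used in an access decision. Separately, the field comment on Scope still reads `// object, table` although only `ScopeRow` is declared, and the constant's name differs from its stored value; a comment such as `// ScopeRow identifies a row in a table being protected; its stored value is "object"` would make that explicit.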
|
|
|
@ -67,12 +67,12 @@ func HasAnyDocumentPermission(p DocumentRecord) bool {
|
|||
func EncodeDocumentRecord(r DocumentRecord, a Action) (p Permission) {
|
||||
p = Permission{}
|
||||
p.OrgID = r.OrgID
|
||||
p.Who = "user"
|
||||
p.Who = UserPermission
|
||||
p.WhoID = r.UserID
|
||||
p.Location = "document"
|
||||
p.Location = LocationDocument
|
||||
p.RefID = r.DocumentID
|
||||
p.Action = a
|
||||
p.Scope = "object" // default to row level permission
|
||||
p.Scope = ScopeRow
|
||||
|
||||
return
|
||||
}
|
||||
|
|
|
@ -118,12 +118,12 @@ func HasAnyPermission(p Record) bool {
|
|||
func EncodeRecord(r Record, a Action) (p Permission) {
|
||||
p = Permission{}
|
||||
p.OrgID = r.OrgID
|
||||
p.Who = "user"
|
||||
p.Who = UserPermission
|
||||
p.WhoID = r.UserID
|
||||
p.Location = "space"
|
||||
p.Location = LocationSpace
|
||||
p.RefID = r.SpaceID
|
||||
p.Action = a
|
||||
p.Scope = "object" // default to row level permission
|
||||
p.Scope = ScopeRow
|
||||
|
||||
return
|
||||
}
|
||||
|
|