mirror of
https://github.com/documize/community.git
synced 2025-08-02 20:15:26 +02:00
Make API work with new schema
This commit is contained in:
Harvey Kandola
parent
28342fcf5e
commit
4f0cc2f616
48 changed files with 1218 additions and 1097 deletions
|
|
@ -333,6 +333,7 @@ func (h *Handler) GetUserSpacePermissions(w http.ResponseWriter, r *http.Request
|
|||
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, spaceID)
|
||||
if err != nil {
|
||||
response.WriteServerError(w, method, err)
|
||||
h.Runtime.Log.Error(method, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -354,6 +355,7 @@ func (h *Handler) GetCategoryViewers(w http.ResponseWriter, r *http.Request) {
|
|||
u, err := h.Store.Permission.GetCategoryUsers(ctx, categoryID)
|
||||
if err != nil && err != sql.ErrNoRows {
|
||||
response.WriteServerError(w, method, err)
|
||||
h.Runtime.Log.Error(method, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -574,7 +576,7 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
|
|||
return
|
||||
}
|
||||
|
||||
sp, err := h.Store.Space.Get(ctx, doc.LabelID)
|
||||
sp, err := h.Store.Space.Get(ctx, doc.SpaceID)
|
||||
if err != nil {
|
||||
response.WriteNotFoundError(w, method, "space not found")
|
||||
return
|
||||
|
|
@ -639,7 +641,7 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
|
|||
return
|
||||
}
|
||||
|
||||
url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name), doc.RefID, stringutil.MakeSlug(doc.Title)))
|
||||
url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name), doc.RefID, stringutil.MakeSlug(doc.Name)))
|
||||
|
||||
// Permissions can be assigned to both groups and individual users.
|
||||
// Pre-fetch users with group membership to help us work out
|
||||
|
|
@ -701,8 +703,8 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
|
|||
}
|
||||
|
||||
mailer := mail.Mailer{Runtime: h.Runtime, Store: h.Store, Context: ctx}
|
||||
go mailer.DocumentApprover(existingUser.Email, inviter.Fullname(), inviter.Email, url, doc.Title)
|
||||
h.Runtime.Log.Info(fmt.Sprintf("%s has made %s document approver for: %s", inviter.Email, existingUser.Email, doc.Title))
|
||||
go mailer.DocumentApprover(existingUser.Email, inviter.Fullname(), inviter.Email, url, doc.Name)
|
||||
h.Runtime.Log.Info(fmt.Sprintf("%s has made %s document approver for: %s", inviter.Email, existingUser.Email, doc.Name))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -65,14 +65,15 @@ func (s Scope) GetUserSpacePermissions(ctx domain.RequestContext, spaceID string
|
|||
r = []permission.Permission{}
|
||||
|
||||
err = s.Runtime.Db.Select(&r, `
|
||||
SELECT c_id, orgid, who, whoid, action, scope, location, refid
|
||||
SELECT id, c_orgid AS orgid, c_who AS who, c_whoid AS whoid, c_action AS action,
|
||||
c_scope AS scope, c_location AS location, c_refid AS refid
|
||||
FROM dmz_permission
|
||||
WHERE orgid=? AND location='space' AND refid=? AND who='user' AND (whoid=? OR whoid='0')
|
||||
WHERE c_orgid=? AND c_location='space' AND c_refid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0')
|
||||
UNION ALL
|
||||
SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid
|
||||
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
FROM dmz_permission p
|
||||
LEFT JOIN rolemember r ON p.whoid=r.roleid
|
||||
WHERE p.orgid=? AND p.location='space' AND refid=? AND p.who='role' AND (r.userid=? OR r.userid='0')`,
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
|
||||
WHERE p.c_orgid=? AND p.c_location='space' AND c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
|
||||
ctx.OrgID, spaceID, ctx.UserID, ctx.OrgID, spaceID, ctx.UserID)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
|
|
@ -96,7 +97,7 @@ func (s Scope) GetSpacePermissionsForUser(ctx domain.RequestContext, spaceID, us
|
|||
UNION ALL
|
||||
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
FROM dmz_permission p
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_roleid
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
|
||||
WHERE p.c_orgid=? AND p.c_location='space' AND c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
|
||||
ctx.OrgID, spaceID, userID, ctx.OrgID, spaceID, userID)
|
||||
|
||||
|
|
@ -143,7 +144,7 @@ func (s Scope) GetCategoryPermissions(ctx domain.RequestContext, catID string) (
|
|||
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
FROM dmz_permission p
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
|
||||
WHERE p.orgid=? AND p.location='category' AND p.who='role' AND (p.refid=? OR p.refid='0')`,
|
||||
WHERE p.c_orgid=? AND p.c_location='category' AND p.c_who='role' AND (p.c_refid=? OR p.c_refid='0')`,
|
||||
ctx.OrgID, catID, ctx.OrgID, catID)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
|
|
@ -195,7 +196,7 @@ func (s Scope) GetUserCategoryPermissions(ctx domain.RequestContext, userID stri
|
|||
FROM dmz_permission
|
||||
WHERE c_orgid=? AND c_location='category' AND c_who='user' AND (c_whoid=? OR c_whoid='0')
|
||||
UNION ALL
|
||||
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
FROM dmz_permission p
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
|
||||
WHERE p.c_orgid=? AND p.c_location='category' AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
|
||||
|
|
@ -219,7 +220,7 @@ func (s Scope) GetUserDocumentPermissions(ctx domain.RequestContext, documentID
|
|||
FROM dmz_permission
|
||||
WHERE c_orgid=? AND c_location='document' AND c_refid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0')
|
||||
UNION ALL
|
||||
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
|
||||
FROM dmz_permission p
|
||||
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
|
||||
WHERE p.c_orgid=? AND p.c_location='document' AND p.c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID strin
|
|||
return false
|
||||
}
|
||||
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
|
||||
if err == sql.ErrNoRows {
|
||||
err = nil
|
||||
}
|
||||
|
|
@ -59,7 +59,7 @@ func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID strin
|
|||
}
|
||||
|
||||
for _, role := range roles {
|
||||
if role.RefID == document.LabelID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow &&
|
||||
if role.RefID == document.SpaceID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow &&
|
||||
pm.ContainsPermission(role.Action, pm.SpaceView, pm.SpaceManage, pm.SpaceOwner) {
|
||||
return true
|
||||
}
|
||||
|
|
@ -79,7 +79,7 @@ func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID str
|
|||
return false
|
||||
}
|
||||
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
err = nil
|
||||
|
|
@ -89,7 +89,7 @@ func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID str
|
|||
}
|
||||
|
||||
for _, role := range roles {
|
||||
if role.RefID == document.LabelID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow && role.Action == pm.DocumentEdit {
|
||||
if role.RefID == document.SpaceID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow && role.Action == pm.DocumentEdit {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
|
@ -108,7 +108,7 @@ func CanDeleteDocument(ctx domain.RequestContext, s domain.Store, documentID str
|
|||
return false
|
||||
}
|
||||
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
|
||||
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
err = nil
|
||||
|
|
@ -118,7 +118,7 @@ func CanDeleteDocument(ctx domain.RequestContext, s domain.Store, documentID str
|
|||
}
|
||||
|
||||
for _, role := range roles {
|
||||
if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentDelete {
|
||||
if role.RefID == document.SpaceID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentDelete {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue