diff --git a/domain/category/endpoint.go b/domain/category/endpoint.go index 117f8218..de20b753 100644 --- a/domain/category/endpoint.go +++ b/domain/category/endpoint.go @@ -310,8 +310,6 @@ func (h *Handler) GetSummary(w http.ResponseWriter, r *http.Request) { } /* - - filter users using account.users = true/false - link/unlink document to category - - check print/pdf - filter space documents by category -- URL param? nested route? */ diff --git a/domain/user/endpoint.go b/domain/user/endpoint.go index 501d1a0f..48a626f0 100644 --- a/domain/user/endpoint.go +++ b/domain/user/endpoint.go @@ -35,7 +35,6 @@ import ( "github.com/documize/community/domain/organization" "github.com/documize/community/model/account" "github.com/documize/community/model/audit" - "github.com/documize/community/model/space" "github.com/documize/community/model/user" ) @@ -244,7 +243,6 @@ func (h *Handler) GetOrganizationUsers(w http.ResponseWriter, r *http.Request) { h.Runtime.Log.Error(method, err) return } - } else { u, err = h.Store.User.GetUsersForOrganization(ctx) if err != nil && err != sql.ErrNoRows { @@ -273,45 +271,43 @@ func (h *Handler) GetSpaceUsers(w http.ResponseWriter, r *http.Request) { var u []user.User var err error - folderID := request.Param(r, "folderID") - if len(folderID) == 0 { - response.WriteMissingDataError(w, method, "folderID") + spaceID := request.Param(r, "spaceID") + if len(spaceID) == 0 { + response.WriteMissingDataError(w, method, "spaceID") return } - // check to see space type as it determines user selection criteria - folder, err := h.Store.Space.Get(ctx, folderID) + // Get user account as we need to know if user can see all users. + // account.users == false means we restrict viewing to just space users + account, err := h.Store.Account.GetUserAccount(ctx, ctx.UserID) if err != nil && err != sql.ErrNoRows { response.WriteJSON(w, u) h.Runtime.Log.Error(method, err) return } - switch folder.Type { - case space.ScopePublic: + if account.Users { + // can see all users u, err = h.Store.User.GetActiveUsersForOrganization(ctx) - break - case space.ScopePrivate: - // just me - var me user.User - me, err = h.Store.User.Get(ctx, ctx.UserID) - u = append(u, me) - break - case space.ScopeRestricted: - u, err = h.Store.User.GetSpaceUsers(ctx, folderID) - break + if err != nil && err != sql.ErrNoRows { + response.WriteJSON(w, u) + h.Runtime.Log.Error(method, err) + return + } + } else { + // send back existing space users + u, err = h.Store.User.GetSpaceUsers(ctx, spaceID) + if err != nil && err != sql.ErrNoRows { + response.WriteJSON(w, u) + h.Runtime.Log.Error(method, err) + return + } } if len(u) == 0 { u = []user.User{} } - if err != nil && err != sql.ErrNoRows { - response.WriteJSON(w, u) - h.Runtime.Log.Error(method, err) - return - } - response.WriteJSON(w, u) } diff --git a/domain/user/mysql/store.go b/domain/user/mysql/store.go index a97eea89..3d0d5914 100644 --- a/domain/user/mysql/store.go +++ b/domain/user/mysql/store.go @@ -173,7 +173,9 @@ func (s Scope) GetActiveUsersForOrganization(ctx domain.RequestContext) (u []use // identified in the Persister. func (s Scope) GetUsersForOrganization(ctx domain.RequestContext) (u []user.User, err error) { err = s.Runtime.Db.Select(&u, - "SELECT id, refid, firstname, lastname, email, initials, password, salt, reset, created, revised FROM user WHERE refid IN (SELECT userid FROM account where orgid = ?) ORDER BY firstname,lastname", ctx.OrgID) + `SELECT id, refid, firstname, lastname, email, initials, password, salt, reset, created, revised + FROM user WHERE refid IN (SELECT userid FROM account where orgid = ?) + ORDER BY firstname,lastname`, ctx.OrgID) if err != nil { err = errors.Wrap(err, fmt.Sprintf(" get users for org %s", ctx.OrgID)) @@ -186,7 +188,8 @@ func (s Scope) GetUsersForOrganization(ctx domain.RequestContext) (u []user.User // GetSpaceUsers returns a slice containing all user records for given folder. func (s Scope) GetSpaceUsers(ctx domain.RequestContext, spaceID string) (u []user.User, err error) { err = s.Runtime.Db.Select(&u, ` - SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.created, u.revised + SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.created, u.revised, u.global + a.active, a.users AS viewusers, a.editor, a.admin FROM user u, account a WHERE a.orgid=? AND u.refid = a.userid AND a.active=1 AND u.refid IN ( SELECT whoid from permission WHERE orgid=? AND who='user' AND scope='object' AND location='space' AND refid=? UNION ALL diff --git a/gui/app/components/folder/category-admin.js b/gui/app/components/folder/category-admin.js index 9a1ae185..cfc6bede 100644 --- a/gui/app/components/folder/category-admin.js +++ b/gui/app/components/folder/category-admin.js @@ -59,7 +59,7 @@ export default Ember.Component.extend(NotifierMixin, TooltipMixin, DropdownMixin }); // get users that this space admin user can see - this.get('userService').getAll().then((users) => { + this.get('userService').getSpaceUsers(this.get('folder.id')).then((users) => { // set up Everyone user let u = { orgId: this.get('folder.orgId'), diff --git a/gui/app/components/folder/permission-admin.js b/gui/app/components/folder/permission-admin.js index 74b0d5df..f0bdb9e1 100644 --- a/gui/app/components/folder/permission-admin.js +++ b/gui/app/components/folder/permission-admin.js @@ -23,15 +23,13 @@ export default Ember.Component.extend(NotifierMixin, { store: service(), didReceiveAttrs() { - this.get('userService').getAll().then((users) => { + this.get('userService').getSpaceUsers(this.get('folder.id')).then((users) => { this.set('users', users); // set up users let folderPermissions = []; users.forEach((user) => { - let isActive = user.get('active'); - let u = { orgId: this.get('folder.orgId'), folderId: this.get('folder.id'), @@ -48,10 +46,8 @@ export default Ember.Component.extend(NotifierMixin, { documentTemplate: false }; - if (isActive) { - let data = this.get('store').normalize('space-permission', u) - folderPermissions.pushObject(this.get('store').push(data)); - } + let data = this.get('store').normalize('space-permission', u) + folderPermissions.pushObject(this.get('store').push(data)); }); // set up Everyone user diff --git a/gui/app/pods/folder/settings/template.hbs b/gui/app/pods/folder/settings/template.hbs index 30f84ce7..2ebab034 100644 --- a/gui/app/pods/folder/settings/template.hbs +++ b/gui/app/pods/folder/settings/template.hbs @@ -9,8 +9,8 @@ {{#if isAuthProviderDocumize}} {{#link-to 'folder.settings.invitation' activeClass='selected' class="option" tagName="li"}}Invite{{/link-to}} {{/if}} - {{#link-to 'folder.settings.security' activeClass='selected' class="option" tagName="li"}}Secure{{/link-to}} - {{#link-to 'folder.settings.category' activeClass='selected' class="option" tagName="li"}}Categorize{{/link-to}} + {{#link-to 'folder.settings.security' activeClass='selected' class="option" tagName="li"}}Permissions{{/link-to}} + {{#link-to 'folder.settings.category' activeClass='selected' class="option" tagName="li"}}Categories{{/link-to}} diff --git a/gui/app/services/user.js b/gui/app/services/user.js index 1379e6c7..31bf870c 100644 --- a/gui/app/services/user.js +++ b/gui/app/services/user.js @@ -66,9 +66,9 @@ export default Ember.Service.extend({ }); }, - // Returns all users that can see folder. - getFolderUsers(folderId) { - let url = `users/folder/${folderId}`; + // Returns all users that can see space. + getSpaceUsers(spaceId) { + let url = `users/space/${spaceId}`; return this.get('ajax').request(url, { method: "GET" diff --git a/model/account/account.go b/model/account/account.go index d82b380a..381bf7b0 100644 --- a/model/account/account.go +++ b/model/account/account.go @@ -18,7 +18,7 @@ type Account struct { model.BaseEntity Admin bool `json:"admin"` Editor bool `json:"editor"` - Users bool `json:"viewUsers"` + Users bool `json:"viewUsers"` // either view all users or just users in your space UserID string `json:"userId"` OrgID string `json:"orgId"` Company string `json:"company"` diff --git a/server/routing/routes.go b/server/routing/routes.go index 757cad2e..ded073cd 100644 --- a/server/routing/routes.go +++ b/server/routing/routes.go @@ -139,7 +139,7 @@ func RegisterEndpoints(rt *env.Runtime, s *domain.Store) { Add(rt, RoutePrefixPrivate, "users/{userID}/password", []string{"POST", "OPTIONS"}, nil, user.ChangePassword) Add(rt, RoutePrefixPrivate, "users", []string{"POST", "OPTIONS"}, nil, user.Add) - Add(rt, RoutePrefixPrivate, "users/folder/{folderID}", []string{"GET", "OPTIONS"}, nil, user.GetSpaceUsers) + Add(rt, RoutePrefixPrivate, "users/space/{spaceID}", []string{"GET", "OPTIONS"}, nil, user.GetSpaceUsers) Add(rt, RoutePrefixPrivate, "users", []string{"GET", "OPTIONS"}, nil, user.GetOrganizationUsers) Add(rt, RoutePrefixPrivate, "users/{userID}", []string{"GET", "OPTIONS"}, nil, user.Get) Add(rt, RoutePrefixPrivate, "users/{userID}", []string{"PUT", "OPTIONS"}, nil, user.Update)