Add new check permissions helper

2025-07-24 07:39:43 +02:00 · 2018-06-27 13:09:25 +01:00 · 2018-06-27 13:09:25 +01:00 · 5ed180396e
commit 5ed180396e
parent ad44112359
3 changed files with 51 additions and 1 deletions
--- a/domain/permission/permission.go
+++ b/domain/permission/permission.go
@ -203,7 +203,7 @@ func CanManageVersion(ctx domain.RequestContext, s domain.Store, spaceID string)
 	return false
 }

-// HasPermission returns if user can perform specified actions.
+// HasPermission returns if current user can perform specified actions.
 func HasPermission(ctx domain.RequestContext, s domain.Store, spaceID string, actions ...pm.Action) bool {
 	roles, err := s.Permission.GetUserSpacePermissions(ctx, spaceID)

@ -227,6 +227,30 @@ func HasPermission(ctx domain.RequestContext, s domain.Store, spaceID string, ac
 	return false
 }

+// CheckPermission returns if specified user can perform specified actions.
+func CheckPermission(ctx domain.RequestContext, s domain.Store, spaceID string, userID string, actions ...pm.Action) bool {
+	roles, err := s.Permission.GetSpacePermissionsForUser(ctx, spaceID, userID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == spaceID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow {
+			for _, a := range actions {
+				if role.Action == a {
+					return true
+				}
+			}
+		}
+	}
+
+	return false
+}
+
 // GetUsersWithDocumentPermission returns list of users who have specified document permission in given space
 func GetUsersWithDocumentPermission(ctx domain.RequestContext, s domain.Store, spaceID, documentID string, permissionRequired pm.Action) (users []u.User, err error) {
 	users = []u.User{}