refactored permission code

domain/permission/endpoint.go

@@ -0,0 +1,278 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+// Package permission handles API calls and persistence for spaces.
+// Spaces in Documize contain documents.
+package permission
+
+import (
+	"database/sql"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/core/request"
+	"github.com/documize/community/core/response"
+	"github.com/documize/community/core/streamutil"
+	"github.com/documize/community/core/stringutil"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/domain/mail"
+	"github.com/documize/community/model/audit"
+	"github.com/documize/community/model/permission"
+	"github.com/documize/community/model/space"
+)
+
+// Handler contains the runtime information such as logging and database.
+type Handler struct {
+	Runtime *env.Runtime
+	Store   *domain.Store
+}
+
+// SetSpacePermissions persists specified space permissions
+func (h *Handler) SetSpacePermissions(w http.ResponseWriter, r *http.Request) {
+	method := "space.SetPermissions"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Editor {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	id := request.Param(r, "spaceID")
+	if len(id) == 0 {
+		response.WriteMissingDataError(w, method, "spaceID")
+		return
+	}
+
+	sp, err := h.Store.Space.Get(ctx, id)
+	if err != nil {
+		response.WriteNotFoundError(w, method, "space not found")
+		return
+	}
+
+	if sp.UserID != ctx.UserID {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer streamutil.Close(r.Body)
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	var model = permission.PermissionsModel{}
+	err = json.Unmarshal(body, &model)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	// We compare new permisions to what we had before.
+	// Why? So we can send out space invitation emails.
+	previousRoles, err := h.Store.Permission.GetSpacePermissions(ctx, id)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	// Store all previous roles as map for easy querying
+	previousRoleUsers := make(map[string]bool)
+	for _, v := range previousRoles {
+		previousRoleUsers[v.WhoID] = true
+	}
+
+	// Who is sharing this space?
+	inviter, err := h.Store.User.Get(ctx, ctx.UserID)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	// Nuke all previous permissions for this space
+	_, err = h.Store.Permission.DeleteSpacePermissions(ctx, id)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	me := false
+	hasEveryoneRole := false
+	roleCount := 0
+
+	url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name)))
+
+	for _, perm := range model.Permissions {
+		perm.OrgID = ctx.OrgID
+		perm.SpaceID = id
+
+		// Ensure the space owner always has access!
+		if perm.UserID == ctx.UserID {
+			me = true
+		}
+
+		// Only persist if there is a role!
+		if permission.HasAnyPermission(perm) {
+			// identify publically shared spaces
+			if len(perm.UserID) == 0 {
+				hasEveryoneRole = true
+			}
+
+			r := permission.EncodeUserPermissions(perm)
+
+			for _, p := range r {
+				err = h.Store.Permission.AddPermission(ctx, p)
+				if err != nil {
+					h.Runtime.Log.Error("set permission", err)
+				}
+
+				roleCount++
+			}
+
+			// We send out space invitation emails to those users
+			// that have *just* been given permissions.
+			if _, isExisting := previousRoleUsers[perm.UserID]; !isExisting {
+
+				// we skip 'everyone' (user id != empty string)
+				if len(perm.UserID) > 0 {
+					existingUser, err := h.Store.User.Get(ctx, perm.UserID)
+					if err != nil {
+						response.WriteServerError(w, method, err)
+						break
+					}
+
+					mailer := mail.Mailer{Runtime: h.Runtime, Store: h.Store, Context: ctx}
+					go mailer.ShareSpaceExistingUser(existingUser.Email, inviter.Fullname(), url, sp.Name, model.Message)
+					h.Runtime.Log.Info(fmt.Sprintf("%s is sharing space %s with existing user %s", inviter.Email, sp.Name, existingUser.Email))
+				}
+			}
+		}
+	}
+
+	// Do we need to ensure permissions for space owner when shared?
+	if !me {
+		perm := permission.Permission{}
+		perm.OrgID = ctx.OrgID
+		perm.Who = "user"
+		perm.WhoID = ctx.UserID
+		perm.Scope = "object"
+		perm.Location = "space"
+		perm.RefID = id
+		perm.Action = "" // we send array for actions below
+
+		err = h.Store.Permission.AddPermissions(ctx, perm, permission.SpaceView, permission.SpaceManage)
+		if err != nil {
+			ctx.Transaction.Rollback()
+			response.WriteServerError(w, method, err)
+			return
+		}
+	}
+
+	// Mark up space type as either public, private or restricted access.
+	if hasEveryoneRole {
+		sp.Type = space.ScopePublic
+	} else {
+		if roleCount > 1 {
+			sp.Type = space.ScopeRestricted
+		} else {
+			sp.Type = space.ScopePrivate
+		}
+	}
+
+	err = h.Store.Space.Update(ctx, sp)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	h.Store.Audit.Record(ctx, audit.EventTypeSpacePermission)
+
+	ctx.Transaction.Commit()
+
+	response.WriteEmpty(w)
+}
+
+// GetSpacePermissions returns permissions for alll users for given space.
+func (h *Handler) GetSpacePermissions(w http.ResponseWriter, r *http.Request) {
+	method := "space.GetPermissions"
+	ctx := domain.GetRequestContext(r)
+
+	spaceID := request.Param(r, "spaceID")
+	if len(spaceID) == 0 {
+		response.WriteMissingDataError(w, method, "spaceID")
+		return
+	}
+
+	perms, err := h.Store.Permission.GetSpacePermissions(ctx, spaceID)
+	if err != nil && err != sql.ErrNoRows {
+		response.WriteServerError(w, method, err)
+		return
+	}
+	if len(perms) == 0 {
+		perms = []permission.Permission{}
+	}
+
+	userPerms := make(map[string][]permission.Permission)
+	for _, p := range perms {
+		userPerms[p.WhoID] = append(userPerms[p.WhoID], p)
+	}
+
+	records := []permission.Record{}
+	for _, up := range userPerms {
+		records = append(records, permission.DecodeUserPermissions(up))
+	}
+
+	response.WriteJSON(w, records)
+}
+
+// GetUserSpacePermissions returns permissions for the requested space, for current user.
+func (h *Handler) GetUserSpacePermissions(w http.ResponseWriter, r *http.Request) {
+	method := "space.GetUserSpacePermissions"
+	ctx := domain.GetRequestContext(r)
+
+	spaceID := request.Param(r, "spaceID")
+	if len(spaceID) == 0 {
+		response.WriteMissingDataError(w, method, "spaceID")
+		return
+	}
+
+	perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, spaceID)
+	if err != nil && err != sql.ErrNoRows {
+		response.WriteServerError(w, method, err)
+		return
+	}
+	if len(perms) == 0 {
+		perms = []permission.Permission{}
+	}
+
+	record := permission.DecodeUserPermissions(perms)
+	response.WriteJSON(w, record)
+}

domain/permission/mysql/store.go

@@ -0,0 +1,136 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+// Package mysql handles data persistence for space and document permissions.
+package mysql
+
+import (
+	"database/sql"
+	"fmt"
+	"time"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/core/streamutil"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/domain/store/mysql"
+	"github.com/documize/community/model/permission"
+	"github.com/pkg/errors"
+)
+
+// Scope provides data access to MySQL.
+type Scope struct {
+	Runtime *env.Runtime
+}
+
+// AddPermission inserts the given record into the permisssion table.
+func (s Scope) AddPermission(ctx domain.RequestContext, r permission.Permission) (err error) {
+	r.Created = time.Now().UTC()
+
+	stmt, err := ctx.Transaction.Preparex("INSERT INTO permission (orgid, who, whoid, action, scope, location, refid, created) VALUES (?, ?, ?, ?, ?, ?, ?, ?)")
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		err = errors.Wrap(err, "unable to prepare insert permission")
+		return
+	}
+
+	_, err = stmt.Exec(r.OrgID, r.Who, r.WhoID, string(r.Action), r.Scope, r.Location, r.RefID, r.Created)
+	if err != nil {
+		err = errors.Wrap(err, "unable to execute insert permission")
+		return
+	}
+
+	return
+}
+
+// AddPermissions inserts records into permission database table, one per action.
+func (s Scope) AddPermissions(ctx domain.RequestContext, r permission.Permission, actions ...permission.Action) (err error) {
+	for _, a := range actions {
+		r.Action = a
+		s.AddPermission(ctx, r)
+	}
+
+	return
+}
+
+// GetUserSpacePermissions returns space permissions for user.
+// Context is used to for user ID.
+func (s Scope) GetUserSpacePermissions(ctx domain.RequestContext, spaceID string) (r []permission.Permission, err error) {
+	err = s.Runtime.Db.Select(&r, `
+		SELECT id, orgid, who, whoid, action, scope, location, refid
+			FROM permission WHERE orgid=? AND location='space' AND refid=? AND who='user' AND (whoid=? OR whoid='')
+		UNION ALL
+		SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid
+			FROM permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.location='space' AND refid=?
+			AND p.who='role' AND (r.userid=? OR r.userid='')`,
+		ctx.OrgID, spaceID, ctx.UserID, ctx.OrgID, spaceID, ctx.OrgID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		err = errors.Wrap(err, fmt.Sprintf("unable to execute select user permissions %s", ctx.UserID))
+		return
+	}
+
+	return
+}
+
+// GetSpacePermissions returns space permissions for all users.
+func (s Scope) GetSpacePermissions(ctx domain.RequestContext, spaceID string) (r []permission.Permission, err error) {
+	err = s.Runtime.Db.Select(&r, `
+		SELECT id, orgid, who, whoid, action, scope, location, refid
+			FROM permission WHERE orgid=? AND location='space' AND refid=? AND who='user'
+		UNION ALL
+		SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid
+			FROM permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.location='space' AND p.refid=? 
+			AND p.who='role'`,
+		ctx.OrgID, spaceID, ctx.OrgID, spaceID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		err = errors.Wrap(err, fmt.Sprintf("unable to execute select space permissions %s", ctx.UserID))
+		return
+	}
+
+	return
+}
+
+// DeleteSpacePermissions removes records from permissions table for given space ID.
+func (s Scope) DeleteSpacePermissions(ctx domain.RequestContext, spaceID string) (rows int64, err error) {
+	b := mysql.BaseQuery{}
+
+	sql := fmt.Sprintf("DELETE FROM permission WHERE orgid='%s' AND location='space' AND refid='%s'", ctx.OrgID, spaceID)
+
+	return b.DeleteWhere(ctx.Transaction, sql)
+}
+
+// DeleteUserSpacePermissions removes all roles for the specified user, for the specified space.
+func (s Scope) DeleteUserSpacePermissions(ctx domain.RequestContext, spaceID, userID string) (rows int64, err error) {
+	b := mysql.BaseQuery{}
+
+	sql := fmt.Sprintf("DELETE FROM permission WHERE orgid='%s' AND location='space' AND refid='%s' who='user' AND whoid='%s'",
+		ctx.OrgID, spaceID, userID)
+
+	return b.DeleteWhere(ctx.Transaction, sql)
+}
+
+// DeleteUserPermissions removes all roles for the specified user, for the specified space.
+func (s Scope) DeleteUserPermissions(ctx domain.RequestContext, userID string) (rows int64, err error) {
+	b := mysql.BaseQuery{}
+
+	sql := fmt.Sprintf("DELETE FROM permission WHERE orgid='%s' AND who='user' AND whoid='%s'",
+		ctx.OrgID, userID)
+
+	return b.DeleteWhere(ctx.Transaction, sql)
+}

domain/permission/permission.go

@@ -0,0 +1,194 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package permission
+
+import (
+	"database/sql"
+
+	"github.com/documize/community/domain"
+	pm "github.com/documize/community/model/permission"
+)
+
+// CanViewSpaceDocument returns if the user has permission to view a document within the specified folder.
+func CanViewSpaceDocument(ctx domain.RequestContext, s domain.Store, labelID string) bool {
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, labelID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == labelID && role.Location == "space" && role.Scope == "object" &&
+			pm.HasPermission(role.Action, pm.SpaceView, pm.SpaceManage, pm.SpaceOwner) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanViewDocument returns if the client has permission to view a given document.
+func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID string) bool {
+	document, err := s.Document.Get(ctx, documentID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" &&
+			pm.HasPermission(role.Action, pm.SpaceView, pm.SpaceManage, pm.SpaceOwner) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanChangeDocument returns if the clinet has permission to change a given document.
+func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID string) bool {
+	document, err := s.Document.Get(ctx, documentID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentEdit {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanDeleteDocument returns if the clinet has permission to change a given document.
+func CanDeleteDocument(ctx domain.RequestContext, s domain.Store, documentID string) bool {
+	document, err := s.Document.Get(ctx, documentID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentDelete {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanUploadDocument returns if the client has permission to upload documents to the given space.
+func CanUploadDocument(ctx domain.RequestContext, s domain.Store, spaceID string) bool {
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, spaceID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == spaceID && role.Location == "space" && role.Scope == "object" &&
+			pm.HasPermission(role.Action, pm.DocumentAdd) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanViewSpace returns if the user has permission to view the given spaceID.
+func CanViewSpace(ctx domain.RequestContext, s domain.Store, spaceID string) bool {
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, spaceID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == spaceID && role.Location == "space" && role.Scope == "object" &&
+			pm.HasPermission(role.Action, pm.SpaceView, pm.SpaceManage, pm.SpaceOwner) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// HasDocumentAction returns if user can perform specified action.
+func HasDocumentAction(ctx domain.RequestContext, s domain.Store, documentID string, a pm.Action) bool {
+	document, err := s.Document.Get(ctx, documentID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" && role.Action == a {
+			return true
+		}
+	}
+
+	return false
+}