refactored permission code

2025-08-02 20:15:26 +02:00 · 2017-09-18 17:53:42 +01:00 · 2017-09-18 17:53:42 +01:00 · 6a651770b5
commit 6a651770b5
parent c12c000ef3
24 changed files with 753 additions and 632 deletions
--- a/model/permission/permissions.go
+++ b/model/permission/permissions.go
@ -9,12 +9,52 @@
 //
 // https://documize.com

-package space
+package permission

-// PermissionRecord represents space permissions for a user on a space.
+import "time"
+
+// Permission represents a permission for a space and is persisted to the database.
+type Permission struct {
+	ID       uint64    `json:"id"`
+	OrgID    string    `json:"-"`
+	Who      string    `json:"who"`      // user, role
+	WhoID    string    `json:"whoId"`    // either a user or role ID
+	Action   Action    `json:"action"`   // view, edit, delete
+	Scope    string    `json:"scope"`    // object, table
+	Location string    `json:"location"` // table name
+	RefID    string    `json:"refId"`    // id of row in table / blank when scope=table
+	Created  time.Time `json:"created"`
+}
+
+// Action details type of action
+type Action string
+
+const (
+	// SpaceView action means you can view a space and documents therein
+	SpaceView Action = "view"
+	// SpaceManage action means you can add, remove users, set permissions, but not delete that space
+	SpaceManage Action = "manage"
+	// SpaceOwner action means you can delete a space and do all SpaceManage functions
+	SpaceOwner Action = "own"
+
+	// DocumentAdd action means you can create/upload documents to a space
+	DocumentAdd Action = "doc-add"
+	// DocumentEdit action means you can edit documents in a space
+	DocumentEdit Action = "doc-edit"
+	// DocumentDelete means you can delete documents in a space
+	DocumentDelete Action = "doc-delete"
+	// DocumentMove means you can move documents between spaces
+	DocumentMove Action = "doc-move"
+	// DocumentCopy means you can copy documents within and between spaces
+	DocumentCopy Action = "doc-copy"
+	// DocumentTemplate means you can create, edit and delete document templates and content blocks
+	DocumentTemplate Action = "doc-template"
+)
+
+// Record represents space permissions for a user on a space.
 // This data structure is made from database permission records for the space,
 // and it is designed to be sent to HTTP clients (web, mobile).
-type PermissionRecord struct {
+type Record struct {
 	OrgID            string `json:"orgId"`
 	SpaceID          string `json:"folderId"`
 	UserID           string `json:"userId"`
@ -31,8 +71,8 @@ type PermissionRecord struct {

 // DecodeUserPermissions returns a flat, usable permission summary record
 // from multiple user permission records for a given space.
-func DecodeUserPermissions(perm []Permission) (r PermissionRecord) {
-	r = PermissionRecord{}
+func DecodeUserPermissions(perm []Permission) (r Record) {
+	r = Record{}

 	if len(perm) > 0 {
 		r.OrgID = perm[0].OrgID
@ -67,9 +107,26 @@ func DecodeUserPermissions(perm []Permission) (r PermissionRecord) {
 	return
 }

+// PermissionsModel details which users have what permissions on a given space.
+type PermissionsModel struct {
+	Message     string
+	Permissions []Record
+}
+
+// HasPermission checks if action matches one of the required actions?
+func HasPermission(action Action, actions ...Action) bool {
+	for _, a := range actions {
+		if action == a {
+			return true
+		}
+	}
+
+	return false
+}
+
 // EncodeUserPermissions returns multiple user permission records
 // for a given space, using flat permission summary record.
-func EncodeUserPermissions(r PermissionRecord) (perm []Permission) {
+func EncodeUserPermissions(r Record) (perm []Permission) {
 	if r.SpaceView {
 		perm = append(perm, EncodeRecord(r, SpaceView))
 	}
@ -103,13 +160,13 @@ func EncodeUserPermissions(r PermissionRecord) (perm []Permission) {
 }

 // HasAnyPermission returns true if user has at least one permission.
-func HasAnyPermission(p PermissionRecord) bool {
+func HasAnyPermission(p Record) bool {
 	return p.SpaceView || p.SpaceManage || p.SpaceOwner || p.DocumentAdd || p.DocumentEdit ||
 		p.DocumentDelete || p.DocumentMove || p.DocumentCopy || p.DocumentTemplate
 }

 // EncodeRecord creates standard permission record representing user permissions for a space.
-func EncodeRecord(r PermissionRecord, a PermissionAction) (p Permission) {
+func EncodeRecord(r Record, a Action) (p Permission) {
 	p = Permission{}
 	p.OrgID = r.OrgID
 	p.Who = "user"
--- a/model/space/space.go
+++ b/model/space/space.go
@ -12,8 +12,6 @@
 package space

 import (
-	"time"
-
 	"github.com/documize/community/model"
 )

@ -55,44 +53,6 @@ func (l *Space) IsRestricted() bool {
 	return l.Type == ScopeRestricted
 }

-// Permission represents a permission for a space and is persisted to the database.
-type Permission struct {
-	ID       uint64           `json:"id"`
-	OrgID    string           `json:"-"`
-	Who      string           `json:"who"`      // user, role
-	WhoID    string           `json:"whoId"`    // either a user or role ID
-	Action   PermissionAction `json:"action"`   // view, edit, delete
-	Scope    string           `json:"scope"`    // object, table
-	Location string           `json:"location"` // table name
-	RefID    string           `json:"refId"`    // id of row in table / blank when scope=table
-	Created  time.Time        `json:"created"`
-}
-
-// PermissionAction details type of action
-type PermissionAction string
-
-const (
-	// SpaceView action means you can view a space and documents therein
-	SpaceView PermissionAction = "view"
-	// SpaceManage action means you can add, remove users, set permissions, but not delete that space
-	SpaceManage PermissionAction = "manage"
-	// SpaceOwner action means you can delete a space and do all SpaceManage functions
-	SpaceOwner PermissionAction = "own"
-
-	// DocumentAdd action means you can create/upload documents to a space
-	DocumentAdd PermissionAction = "doc-add"
-	// DocumentEdit action means you can edit documents in a space
-	DocumentEdit PermissionAction = "doc-edit"
-	// DocumentDelete means you can delete documents in a space
-	DocumentDelete PermissionAction = "doc-delete"
-	// DocumentMove means you can move documents between spaces
-	DocumentMove PermissionAction = "doc-move"
-	// DocumentCopy means you can copy documents within and between spaces
-	DocumentCopy PermissionAction = "doc-copy"
-	// DocumentTemplate means you can create, edit and delete document templates and content blocks
-	DocumentTemplate PermissionAction = "doc-template"
-)
-
 // Viewer details who can see a particular space
 type Viewer struct {
 	Name      string `json:"name"`
@ -104,12 +64,6 @@ type Viewer struct {
 	Email     string `json:"email"`
 }

-// PermissionsModel details which users have what permissions on a given space.
-type PermissionsModel struct {
-	Message     string
-	Permissions []PermissionRecord
-}
-
 // AcceptShareModel is used to setup a user who has accepted a shared space.
 type AcceptShareModel struct {
 	Serial    string `json:"serial"`
@ -132,14 +86,3 @@ type NewSpaceRequest struct {
 	CopyPermission bool   `json:"copyPermission"` // copy uer permissions
 	CopyDocument   bool   `json:"copyDocument"`   // copy all documents!
 }
-
-// HasPermission checks if action matches one of the required actions?
-func HasPermission(action PermissionAction, actions ...PermissionAction) bool {
-	for _, a := range actions {
-		if action == a {
-			return true
-		}
-	}
-
-	return false
-}