mirror of
https://github.com/documize/community.git
synced 2025-07-20 13:49:42 +02:00
Ensure permission records parsed for groups and users
This commit is contained in:
sauls8t
parent
ad3f406876
commit
ada775e074
2 changed files with 50 additions and 21 deletions
|
|
@ -15,6 +15,7 @@ import (
|
|||
"database/sql"
|
||||
|
||||
"github.com/documize/community/domain"
|
||||
group "github.com/documize/community/model/group"
|
||||
pm "github.com/documize/community/model/permission"
|
||||
u "github.com/documize/community/model/user"
|
||||
)
|
||||
|
|
@ -193,34 +194,63 @@ func GetDocumentApprovers(ctx domain.RequestContext, s domain.Store, spaceID, do
|
|||
users = []u.User{}
|
||||
prev := make(map[string]bool) // used to ensure we only process user once
|
||||
|
||||
// check space permissions
|
||||
sp, err := s.Permission.GetSpacePermissions(ctx, spaceID)
|
||||
for _, p := range sp {
|
||||
if p.Action == pm.DocumentApprove {
|
||||
user, err := s.User.Get(ctx, p.WhoID)
|
||||
if err == nil {
|
||||
prev[user.RefID] = true
|
||||
users = append(users, user)
|
||||
} else {
|
||||
return users, err
|
||||
}
|
||||
}
|
||||
// Permissions can be assigned to both groups and individual users.
|
||||
// Pre-fetch users with group membership to help us work out
|
||||
// if user belongs to a group with permissions.
|
||||
groupMembers, err := s.Group.GetMembers(ctx)
|
||||
if err != nil {
|
||||
return users, err
|
||||
}
|
||||
|
||||
// check document permissions
|
||||
// space permissions
|
||||
sp, err := s.Permission.GetSpacePermissions(ctx, spaceID)
|
||||
if err != nil {
|
||||
return users, err
|
||||
}
|
||||
// document permissions
|
||||
dp, err := s.Permission.GetDocumentPermissions(ctx, documentID)
|
||||
for _, p := range dp {
|
||||
if p.Action == pm.DocumentApprove {
|
||||
user, err := s.User.Get(ctx, p.WhoID)
|
||||
if err == nil {
|
||||
if err != nil {
|
||||
return users, err
|
||||
}
|
||||
|
||||
// all permissions
|
||||
all := sp
|
||||
all = append(all, dp...)
|
||||
|
||||
for _, p := range all {
|
||||
// only approvers
|
||||
if p.Action != pm.DocumentApprove {
|
||||
continue
|
||||
}
|
||||
|
||||
if p.Who == pm.GroupPermission {
|
||||
// get group records for just this group
|
||||
groupRecords := group.FilterGroupRecords(groupMembers, p.WhoID)
|
||||
|
||||
for i := range groupRecords {
|
||||
user, err := s.User.Get(ctx, groupRecords[i].UserID)
|
||||
if err != nil {
|
||||
return users, err
|
||||
}
|
||||
if _, isExisting := prev[user.RefID]; !isExisting {
|
||||
users = append(users, user)
|
||||
prev[user.RefID] = true
|
||||
}
|
||||
} else {
|
||||
}
|
||||
}
|
||||
|
||||
if p.Who == pm.UserPermission {
|
||||
user, err := s.User.Get(ctx, p.WhoID)
|
||||
if err != nil {
|
||||
return users, err
|
||||
}
|
||||
|
||||
if _, isExisting := prev[user.RefID]; !isExisting {
|
||||
users = append(users, user)
|
||||
prev[user.RefID] = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
return users, err
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue