still moving codebase to new API (WIP)

2025-08-02 12:05:23 +02:00 · 2017-07-26 20:03:23 +01:00 · 2017-07-26 20:03:23 +01:00 · d90b3249c3
commit d90b3249c3
parent 72b14def6d
44 changed files with 5276 additions and 336 deletions
--- a/domain/document/mysql/store.go
+++ b/domain/document/mysql/store.go
@ -17,6 +17,7 @@ import (
 	"github.com/documize/community/core/env"
 	"github.com/documize/community/core/streamutil"
 	"github.com/documize/community/domain"
+	"github.com/documize/community/model/doc"
 	"github.com/pkg/errors"
 )

@ -25,6 +26,25 @@ type Scope struct {
 	Runtime *env.Runtime
 }

+// Get fetches the document record with the given id fromt the document table and audits that it has been got.
+func (s Scope) Get(ctx domain.RequestContext, id string) (document doc.Document, err error) {
+	stmt, err := s.Runtime.Db.Preparex("SELECT id, refid, orgid, labelid, userid, job, location, title, excerpt, slug, tags, template, layout, created, revised FROM document WHERE orgid=? and refid=?")
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		err = errors.Wrap(err, "prepare select document")
+		return
+	}
+
+	err = stmt.Get(&document, ctx.OrgID, id)
+	if err != nil {
+		err = errors.Wrap(err, "execute select document")
+		return
+	}
+
+	return
+}
+
 // MoveDocumentSpace changes the label for client's organization's documents which have space "id", to "move".
 func (s Scope) MoveDocumentSpace(ctx domain.RequestContext, id, move string) (err error) {
 	stmt, err := ctx.Transaction.Preparex("UPDATE document SET labelid=? WHERE orgid=? AND labelid=?")
@ -43,3 +63,20 @@ func (s Scope) MoveDocumentSpace(ctx domain.RequestContext, id, move string) (er

 	return
 }
+
+// PublicDocuments returns a slice of SitemapDocument records, holding documents in folders of type 1 (entity.TemplateTypePublic).
+func (s Scope) PublicDocuments(ctx domain.RequestContext, orgID string) (documents []doc.SitemapDocument, err error) {
+	err = s.Runtime.Db.Select(&documents,
+		`SELECT d.refid as documentid, d.title as document, d.revised as revised, l.refid as folderid, l.label as folder
+FROM document d LEFT JOIN label l ON l.refid=d.labelid
+WHERE d.orgid=?
+AND l.type=1
+AND d.template=0`, orgID)
+
+	if err != nil {
+		err = errors.Wrap(err, fmt.Sprintf("execute GetPublicDocuments for org %s%s", orgID))
+		return
+	}
+
+	return
+}
--- a/domain/document/permission.go
+++ b/domain/document/permission.go
@ -0,0 +1,116 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package document
+
+import (
+	"database/sql"
+
+	"github.com/documize/community/domain"
+)
+
+// CanViewDocumentInFolder returns if the user has permission to view a document within the specified folder.
+func CanViewDocumentInFolder(ctx domain.RequestContext, s domain.Store, labelID string) (hasPermission bool) {
+	roles, err := s.Space.GetUserRoles(ctx)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.LabelID == labelID && (role.CanView || role.CanEdit) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanViewDocument returns if the clinet has permission to view a given document.
+func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID string) (hasPermission bool) {
+	document, err := s.Document.Get(ctx, documentID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Space.GetUserRoles(ctx)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.LabelID == document.LabelID && (role.CanView || role.CanEdit) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanChangeDocument returns if the clinet has permission to change a given document.
+func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID string) (hasPermission bool) {
+	document, err := s.Document.Get(ctx, documentID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	roles, err := s.Space.GetUserRoles(ctx)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.LabelID == document.LabelID && role.CanEdit {
+			return true
+		}
+	}
+
+	return false
+}
+
+// CanUploadDocument returns if the client has permission to upload documents to the given folderID.
+func CanUploadDocument(ctx domain.RequestContext, s domain.Store, folderID string) (hasPermission bool) {
+	roles, err := s.Space.GetUserRoles(ctx)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+	if err != nil {
+		return false
+	}
+
+	for _, role := range roles {
+		if role.LabelID == folderID && role.CanEdit {
+			return true
+		}
+	}
+
+	return false
+}