Draft documents always visible to editors when space lifecycle set to Draft mode

2025-08-02 20:15:26 +02:00 · 2018-05-14 11:52:51 +01:00 · 2018-05-14 11:52:51 +01:00 · f5b196c334
commit f5b196c334
parent 9724f85653
6 changed files with 688 additions and 744 deletions
--- a/domain/document/endpoint.go
+++ b/domain/document/endpoint.go
@ -143,9 +143,19 @@ func (h *Handler) BySpace(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	// get user permissions
+	// Get the space as we need to check settings.
+	space, err := h.Store.Space.Get(ctx, spaceID)
+
+	// Can user view drafts?
 	viewDrafts := permission.CanViewDrafts(ctx, *h.Store, spaceID)

+	// If space defaults to drfat documents, then this means
+	// user can view drafts as long as they have edit rights.
+	canEdit := permission.HasPermission(ctx, *h.Store, spaceID, pm.DocumentEdit)
+	if space.Lifecycle == workflow.LifecycleDraft && canEdit {
+		viewDrafts = true
+	}
+
 	// Get complete list of documents regardless of category permission
 	// and versioning.
 	documents, err := h.Store.Document.GetBySpace(ctx, spaceID)
--- a/domain/permission/permission.go
+++ b/domain/permission/permission.go
@ -227,72 +227,6 @@ func HasPermission(ctx domain.RequestContext, s domain.Store, spaceID string, ac
 	return false
 }

-// // GetDocumentApprovers returns list of users who can approve given document in given space
-// func GetDocumentApprovers(ctx domain.RequestContext, s domain.Store, spaceID, documentID string) (users []u.User, err error) {
-// 	users = []u.User{}
-// 	prev := make(map[string]bool) // used to ensure we only process user once
-
-// 	// Permissions can be assigned to both groups and individual users.
-// 	// Pre-fetch users with group membership to help us work out
-// 	// if user belongs to a group with permissions.
-// 	groupMembers, err := s.Group.GetMembers(ctx)
-// 	if err != nil {
-// 		return users, err
-// 	}
-
-// 	// space permissions
-// 	sp, err := s.Permission.GetSpacePermissions(ctx, spaceID)
-// 	if err != nil {
-// 		return users, err
-// 	}
-// 	// document permissions
-// 	dp, err := s.Permission.GetDocumentPermissions(ctx, documentID)
-// 	if err != nil {
-// 		return users, err
-// 	}
-
-// 	// all permissions
-// 	all := sp
-// 	all = append(all, dp...)
-
-// 	for _, p := range all {
-// 		// only approvers
-// 		if p.Action != pm.DocumentApprove {
-// 			continue
-// 		}
-
-// 		if p.Who == pm.GroupPermission {
-// 			// get group records for just this group
-// 			groupRecords := group.FilterGroupRecords(groupMembers, p.WhoID)
-
-// 			for i := range groupRecords {
-// 				user, err := s.User.Get(ctx, groupRecords[i].UserID)
-// 				if err != nil {
-// 					return users, err
-// 				}
-// 				if _, isExisting := prev[user.RefID]; !isExisting {
-// 					users = append(users, user)
-// 					prev[user.RefID] = true
-// 				}
-// 			}
-// 		}
-
-// 		if p.Who == pm.UserPermission {
-// 			user, err := s.User.Get(ctx, p.WhoID)
-// 			if err != nil {
-// 				return users, err
-// 			}
-
-// 			if _, isExisting := prev[user.RefID]; !isExisting {
-// 				users = append(users, user)
-// 				prev[user.RefID] = true
-// 			}
-// 		}
-// 	}
-
-// 	return users, err
-// }
-
 // GetUsersWithDocumentPermission returns list of users who have specified document permission in given space
 func GetUsersWithDocumentPermission(ctx domain.RequestContext, s domain.Store, spaceID, documentID string, permissionRequired pm.Action) (users []u.User, err error) {
 	users = []u.User{}