// @flow
import invariant from "invariant";
import { concat, some } from "lodash";
import { AdminRequiredError } from "../errors";
import { Collection, User } from "../models";
import policy from "./policy";
// `allow` is taken from the shared policy object imported from ./policy.
const allow = policy.allow;

// "create" is registered without a condition callback, unlike the other
// Collection abilities in this file.
// NOTE(review): presumably this lets every User create collections regardless
// of role; confirm against ./policy and the create endpoint's own checks.
allow(User, "create", Collection);
// Read / export: the collection must belong to the user's team; a private
// collection additionally requires a membership carrying any of the
// read-capable permissions.
allow(User, ["read", "export"], Collection, (user, collection) => {
  // Tenant boundary first: a missing collection or one from another team is
  // always denied.
  if (!collection) return false;
  if (user.teamId !== collection.teamId) return false;

  // Non-private collections are readable by everyone on the team.
  if (!collection.private) return true;

  invariant(
    collection.memberships,
    "membership should be preloaded, did you forget withMembership scope?"
  );

  // NOTE(review): nothing below compares a membership to `user`. The check
  // presumably relies on the withMembership scope having loaded only this
  // user's direct and group memberships; confirm at the call sites, because
  // an unscoped preload would make every teammate pass.
  // NOTE(review): only `memberships` is asserted above. If
  // `collectionGroupMemberships` were not loaded, lodash `concat` appears to
  // append it as a single undefined entry and the predicate would throw a
  // TypeError: still a denial, but an unclear one.
  const grants = concat(
    collection.memberships,
    collection.collectionGroupMemberships
  );
  const readCapable = ["read", "read_write", "maintainer"];

  return some(grants, (membership) =>
    readCapable.includes(membership.permission)
  );
});
// Publish / update: the collection must belong to the user's team; a private
// collection additionally requires a membership with a write-capable
// permission ("read" alone is not enough).
allow(User, ["publish", "update"], Collection, (user, collection) => {
  // Tenant boundary first: a missing collection or one from another team is
  // always denied.
  if (!collection) return false;
  if (user.teamId !== collection.teamId) return false;

  // Non-private collections can be updated by everyone on the team.
  if (!collection.private) return true;

  invariant(
    collection.memberships,
    "membership should be preloaded, did you forget withMembership scope?"
  );

  // NOTE(review): memberships are not matched against `user` here; this
  // presumably depends on the withMembership scope loading only the caller's
  // direct and group memberships. Confirm at the call sites, since an
  // unscoped preload would grant write access to every teammate.
  // NOTE(review): `collectionGroupMemberships` is not asserted the way
  // `memberships` is; if it were undefined the predicate below could throw a
  // TypeError instead of returning false.
  const grants = concat(
    collection.memberships,
    collection.collectionGroupMemberships
  );
  const writeCapable = ["read_write", "maintainer"];

  return some(grants, (membership) =>
    writeCapable.includes(membership.permission)
  );
});
// Delete: the collection must belong to the user's team. A non-private
// collection may be deleted by an admin or by its creator, and anyone else
// gets AdminRequiredError; a private collection is decided purely by
// membership permission.
allow(User, "delete", Collection, (user, collection) => {
  // Tenant boundary first: a missing collection or one from another team is
  // always denied.
  if (!collection) return false;
  if (user.teamId !== collection.teamId) return false;

  if (!collection.private) {
    if (user.isAdmin || user.id === collection.creatorId) return true;

    // Throws rather than returning false so the caller sees a specific error.
    throw new AdminRequiredError();
  }

  invariant(
    collection.memberships,
    "membership should be preloaded, did you forget withMembership scope?"
  );

  // NOTE(review): the private branch never consults `user.isAdmin` or
  // `creatorId`, so any "read_write" member can delete a private collection
  // while the same user could not delete a non-private one. Confirm this
  // asymmetry is intended for a destructive action.
  // NOTE(review): memberships are not matched against `user` here; this
  // presumably relies on the withMembership scope having loaded only the
  // caller's direct and group memberships. Verify at the call sites.
  // NOTE(review): `collectionGroupMemberships` is not asserted the way
  // `memberships` is; if it were undefined the predicate below could throw a
  // TypeError instead of returning false.
  const grants = concat(
    collection.memberships,
    collection.collectionGroupMemberships
  );
  const writeCapable = ["read_write", "maintainer"];

  return some(grants, (membership) =>
    writeCapable.includes(membership.permission)
  );
});