coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
6de793e94e01b8ed1bcd896f24e93357b85dff59
outline/server/policies/collection.js
Saumya Pandey bc4fe05147 feat: Read-only users (#1955) 
* Introduce isViewer field

* Update policies

* Make users read-only feature

* Remove not demoting current user validation

* Update tests

* Catch the unhandled promise rejection

* Hide unnecessary ui elements for read-only user

* Update app/scenes/Settings/People.js

Co-authored-by: Tom Moor <tom.moor@gmail.com>

* Remove redundant logic for admin only policies

* Use can logic

* Update snapshot

* Remove lint error

* Update snapshot

* Minor fix

* Update app/menus/UserMenu.js

Co-authored-by: Tom Moor <tom.moor@gmail.com>

* Update server/api/users.js

Co-authored-by: Tom Moor <tom.moor@gmail.com>

* Update app/components/DocumentListItem.js

Co-authored-by: Tom Moor <tom.moor@gmail.com>

* Update app/stores/UsersStore.js

Co-authored-by: Tom Moor <tom.moor@gmail.com>

* Use useCurrentTeam hook in functional component

* Update translation

* Update ternary

* Remove punctuation

* Move the functions to User model

* Update share policy and shareMenu

* Rename makeAdmin to promote

* Create updateCounts function and Rank enum

* Update tests

* Remove enum

* Use async await, remove enum and create computed accessor

* Remove unused variable

* Fix lint issues

* Hide templates

* Create shared/types and use rank type from it

* Delete shared/utils/rank type file

Co-authored-by: Tom Moor <tom.moor@gmail.com>
2021-04-11 19:39:17 -07:00

121 lines
3.2 KiB
JavaScript
Raw Blame History

// @flow
import invariant from "invariant";
import { concat, some } from "lodash";
import { AdminRequiredError } from "../errors";
import { Collection, User, Team } from "../models";
import policy from "./policy";
const { allow } = policy;
allow(User, "createCollection", Team, (user, team) => {
if (!team || user.isViewer || user.teamId !== team.id) return false;
return true;
});
allow(User, "importCollection", Team, (actor, team) => {
if (!team || actor.teamId !== team.id) return false;
if (actor.isAdmin) return true;
throw new AdminRequiredError();
});
allow(User, "move", Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.deletedAt) return false;
if (user.isAdmin) return true;
throw new AdminRequiredError();
});
allow(User, ["read", "export"], Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (!collection.permission) {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read", "read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, "share", Collection, (user, collection) => {
if (user.isViewer) return false;
if (!collection || user.teamId !== collection.teamId) return false;
if (!collection.sharing) return false;
if (collection.permission !== "read_write") {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, ["publish", "update"], Collection, (user, collection) => {
if (user.isViewer) return false;
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.permission !== "read_write") {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, "delete", Collection, (user, collection) => {
if (user.isViewer) return false;
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.permission !== "read_write") {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
if (user.isAdmin) return true;
if (user.id === collection.createdById) return true;
throw new AdminRequiredError();
});
Reference in New Issue View Git Blame Copy Permalink