coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
e49f3ab9fb720855987e17505cadc794e92eeb5a
outline/server/policies/collection.js
Tom Moor 097359bf7c feat: Added ability to disable sharing at collection (#1875) 
* feat: Added ability to disable sharing at collection

* fix: Disable all previous share links when disabling collection share
Language

* fix: Disable document sharing for read-only collection members

* wip

* test

* fix: Clear policies after updating sharing settings

* chore: Less ambiguous language

* feat: Allow setting sharing choice on collection creation
2021-02-09 19:04:03 -08:00

102 lines
2.5 KiB
JavaScript
Raw Blame History

// @flow
import invariant from "invariant";
import { concat, some } from "lodash";
import { AdminRequiredError } from "../errors";
import { Collection, User } from "../models";
import policy from "./policy";
const { allow } = policy;
allow(User, "create", Collection);
allow(User, ["read", "export"], Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.private) {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read", "read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, "share", Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (!collection.sharing) return false;
if (collection.private) {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, ["publish", "update"], Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.private) {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
return true;
});
allow(User, "delete", Collection, (user, collection) => {
if (!collection || user.teamId !== collection.teamId) return false;
if (collection.private) {
invariant(
collection.memberships,
"membership should be preloaded, did you forget withMembership scope?"
);
const allMemberships = concat(
collection.memberships,
collection.collectionGroupMemberships
);
return some(allMemberships, (m) =>
["read_write", "maintainer"].includes(m.permission)
);
}
if (user.isAdmin) return true;
if (user.id === collection.createdById) return true;
throw new AdminRequiredError();
});
Reference in New Issue View Git Blame Copy Permalink