permission

package
v3.2.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 29, 2019 License: AGPL-3.0 Imports: 1 Imported by: 26

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ContainsPermission

func ContainsPermission(action Action, actions ...Action) bool

ContainsPermission checks if action matches one of the required actions?

func HasAnyCategoryPermission added in v1.58.0

func HasAnyCategoryPermission(p CategoryRecord) bool

HasAnyCategoryPermission returns true if user has at least one permission.

func HasAnyDocumentPermission added in v1.56.0

func HasAnyDocumentPermission(p DocumentRecord) bool

HasAnyDocumentPermission returns true if user has at least one permission.

func HasAnyPermission

func HasAnyPermission(p Record) bool

HasAnyPermission returns true if user has at least one permission.

Types

type Action

type Action string

Action details type of action

const (
	// SpaceView action means you can view a space and documents therein
	SpaceView Action = "view"

	// SpaceManage action means you can add, remove users, set permissions, but not delete that space
	SpaceManage Action = "manage"

	// SpaceOwner action means you can delete a space and do all SpaceManage functions
	SpaceOwner Action = "own"

	// DocumentAdd action means you can create/upload documents to a space
	DocumentAdd Action = "doc-add"

	// DocumentEdit action means you can edit documents in a space
	DocumentEdit Action = "doc-edit"

	// DocumentDelete means you can delete documents in a space
	DocumentDelete Action = "doc-delete"

	// DocumentMove means you can move documents between spaces
	DocumentMove Action = "doc-move"

	// DocumentCopy means you can copy documents within and between spaces
	DocumentCopy Action = "doc-copy"

	// DocumentTemplate means you can create, edit and delete document templates and content blocks
	DocumentTemplate Action = "doc-template"

	// DocumentApprove means you can approve a change to a document
	DocumentApprove Action = "doc-approve"

	// DocumentLifecycle means you can move a document between DRAFT/LIVE/ARCHIVE states
	DocumentLifecycle Action = "doc-lifecycle"

	// DocumentVersion means you can manage document versions
	DocumentVersion Action = "doc-version"

	// CategoryView action means you can view a category and documents therein
	CategoryView Action = "view"
)

type CategoryRecord added in v1.58.0

type CategoryRecord struct {
	OrgID        string  `json:"orgId"`
	CategoryID   string  `json:"categoryId"`
	WhoID        string  `json:"whoId"`
	Who          WhoType `json:"who"`
	CategoryView bool    `json:"categoryView"`
	Name         string  `json:"name"` // read-only, user or group name
}

CategoryRecord represents space permissions for a user on a category. This data structure is made from database permission records for the category, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserCategoryPermissions added in v1.58.0

func DecodeUserCategoryPermissions(perm []Permission) (r CategoryRecord)

DecodeUserCategoryPermissions returns a flat, usable permission summary record from multiple user permission records for a given category.

type CategoryViewRequestModel

type CategoryViewRequestModel struct {
	OrgID      string  `json:"orgId"`
	SpaceID    string  `json:"spaceId"`
	CategoryID string  `json:"categoryID"`
	WhoID      string  `json:"whoId"`
	Who        WhoType `json:"who"`
}

CategoryViewRequestModel represents who should be allowed to see a category.

type DocumentRecord added in v1.56.0

type DocumentRecord struct {
	OrgID               string  `json:"orgId"`
	DocumentID          string  `json:"documentId"`
	WhoID               string  `json:"whoId"`
	Who                 WhoType `json:"who"`
	DocumentRoleEdit    bool    `json:"documentRoleEdit"`
	DocumentRoleApprove bool    `json:"documentRoleApprove"`
}

DocumentRecord represents space permissions for a user on a document. This data structure is made from database permission records for the document, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserDocumentPermissions added in v1.56.0

func DecodeUserDocumentPermissions(perm []Permission) (r DocumentRecord)

DecodeUserDocumentPermissions returns a flat, usable permission summary record from multiple user permission records for a given document.

type LocationType added in v1.58.0

type LocationType string

LocationType tells us the entity being permissioned

const (
	// LocationSpace means space is being permissioned
	LocationSpace LocationType = "space"

	// LocationCategory means category is being permissioned
	LocationCategory LocationType = "category"

	// LocationDocument means document is being permissioned
	LocationDocument LocationType = "document"
)

type Permission

type Permission struct {
	ID       uint64       `json:"id"`
	OrgID    string       `json:"orgId"`
	Who      WhoType      `json:"who"`      // user, role
	WhoID    string       `json:"whoId"`    // either a user or role ID
	Action   Action       `json:"action"`   // view, edit, delete
	Scope    ScopeType    `json:"scope"`    // object, table
	Location LocationType `json:"location"` // table name
	RefID    string       `json:"refId"`    // id of row in table / blank when scope=table
	Created  time.Time    `json:"created"`
}

Permission represents a permission for a space and is persisted to the database.

func EncodeCategoryRecord added in v1.58.0

func EncodeCategoryRecord(r CategoryRecord, a Action) (p Permission)

EncodeCategoryRecord creates standard permission record representing user permissions for a category.

func EncodeDocumentRecord added in v1.56.0

func EncodeDocumentRecord(r DocumentRecord, a Action) (p Permission)

EncodeDocumentRecord creates standard permission record representing user permissions for a document.

func EncodeRecord

func EncodeRecord(r Record, a Action) (p Permission)

EncodeRecord creates standard permission record representing user permissions for a space.

func EncodeUserCategoryPermissions added in v1.58.0

func EncodeUserCategoryPermissions(r CategoryRecord) (perm []Permission)

EncodeUserCategoryPermissions returns multiple user permission records for a given document, using flat permission summary record.

func EncodeUserDocumentPermissions added in v1.56.0

func EncodeUserDocumentPermissions(r DocumentRecord) (perm []Permission)

EncodeUserDocumentPermissions returns multiple user permission records for a given document, using flat permission summary record.

func EncodeUserPermissions

func EncodeUserPermissions(r Record) (perm []Permission)

EncodeUserPermissions returns multiple user permission records for a given space, using flat permission summary record.

type Record

type Record struct {
	ID                uint64  `json:"id"`
	OrgID             string  `json:"orgId"`
	SpaceID           string  `json:"spaceId"`
	WhoID             string  `json:"whoId"`
	Who               WhoType `json:"who"`
	SpaceView         bool    `json:"spaceView"`
	SpaceManage       bool    `json:"spaceManage"`
	SpaceOwner        bool    `json:"spaceOwner"`
	DocumentAdd       bool    `json:"documentAdd"`
	DocumentEdit      bool    `json:"documentEdit"`
	DocumentDelete    bool    `json:"documentDelete"`
	DocumentMove      bool    `json:"documentMove"`
	DocumentCopy      bool    `json:"documentCopy"`
	DocumentTemplate  bool    `json:"documentTemplate"`
	DocumentApprove   bool    `json:"documentApprove"`
	DocumentLifecycle bool    `json:"documentLifecycle"`
	DocumentVersion   bool    `json:"documentVersion"`
	Name              string  `json:"name"` // read-only, user or group name
}

Record represents space permissions for a user on a space. This data structure is made from database permission records for the space, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserPermissions

func DecodeUserPermissions(perm []Permission) (r Record)

DecodeUserPermissions returns a flat, usable permission summary record from multiple user permission records for a given space.

type ScopeType added in v1.58.0

type ScopeType string

ScopeType details at what level data is being protected, e.g. table, row

const (
	// ScopeRow identifies row in table is being protected
	ScopeRow ScopeType = "object"
)

type SpaceRequestModel added in v1.56.0

type SpaceRequestModel struct {
	Message     string
	Permissions []Record
}

SpaceRequestModel details which users have what permissions on a given space.

type WhoType added in v1.58.0

type WhoType string

WhoType tell us if permission record represents user or group

const (
	// GroupPermission means permission is assigned to a group
	GroupPermission WhoType = "role"

	// UserPermission means permission is assigned to a user
	UserPermission WhoType = "user"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL