permission

package

v1.76.2 Latest Latest Go to latest Published: Nov 21, 2018 License: AGPL-3.0 Imports: 1 Imported by: 26

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/documize/community

Links

Open Source Insights

Documentation ¶

Index ¶

func ContainsPermission(action Action, actions ...Action) bool
func HasAnyCategoryPermission(p CategoryRecord) bool
func HasAnyDocumentPermission(p DocumentRecord) bool
func HasAnyPermission(p Record) bool
type Action
type CategoryRecord
- func DecodeUserCategoryPermissions(perm []Permission) (r CategoryRecord)
type CategoryViewRequestModel
type DocumentRecord
- func DecodeUserDocumentPermissions(perm []Permission) (r DocumentRecord)
type LocationType
type Permission
type Record
- func DecodeUserPermissions(perm []Permission) (r Record)
type ScopeType
type SpaceRequestModel
type WhoType

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ContainsPermission ¶

func ContainsPermission(action Action, actions ...Action) bool

ContainsPermission checks if action matches one of the required actions?

func HasAnyCategoryPermission ¶ added in v1.58.0

func HasAnyCategoryPermission(p CategoryRecord) bool

HasAnyCategoryPermission returns true if user has at least one permission.

func HasAnyDocumentPermission ¶ added in v1.56.0

func HasAnyDocumentPermission(p DocumentRecord) bool

HasAnyDocumentPermission returns true if user has at least one permission.

func HasAnyPermission ¶

func HasAnyPermission(p Record) bool

HasAnyPermission returns true if user has at least one permission.

Types ¶

type Action ¶

type Action string

Action details type of action

const (
	// SpaceView action means you can view a space and documents therein
	SpaceView Action = "view"

	// SpaceManage action means you can add, remove users, set permissions, but not delete that space
	SpaceManage Action = "manage"

	// SpaceOwner action means you can delete a space and do all SpaceManage functions
	SpaceOwner Action = "own"

	// DocumentAdd action means you can create/upload documents to a space
	DocumentAdd Action = "doc-add"

	// DocumentEdit action means you can edit documents in a space
	DocumentEdit Action = "doc-edit"

	// DocumentDelete means you can delete documents in a space
	DocumentDelete Action = "doc-delete"

	// DocumentMove means you can move documents between spaces
	DocumentMove Action = "doc-move"

	// DocumentCopy means you can copy documents within and between spaces
	DocumentCopy Action = "doc-copy"

	// DocumentTemplate means you can create, edit and delete document templates and content blocks
	DocumentTemplate Action = "doc-template"

	// DocumentApprove means you can approve a change to a document
	DocumentApprove Action = "doc-approve"

	// DocumentLifecycle means you can move a document between DRAFT/LIVE/ARCHIVE states
	DocumentLifecycle Action = "doc-lifecycle"

	// DocumentVersion means you can manage document versions
	DocumentVersion Action = "doc-version"

	// CategoryView action means you can view a category and documents therein
	CategoryView Action = "view"
)

type CategoryRecord ¶ added in v1.58.0

type CategoryRecord struct {
	OrgID        string  `json:"orgId"`
	CategoryID   string  `json:"categoryId"`
	WhoID        string  `json:"whoId"`
	Who          WhoType `json:"who"`
	CategoryView bool    `json:"categoryView"`
	Name         string  `json:"name"` // read-only, user or group name
}

CategoryRecord represents space permissions for a user on a category. This data structure is made from database permission records for the category, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserCategoryPermissions ¶ added in v1.58.0

func DecodeUserCategoryPermissions(perm []Permission) (r CategoryRecord)

DecodeUserCategoryPermissions returns a flat, usable permission summary record from multiple user permission records for a given category.

type CategoryViewRequestModel ¶

type CategoryViewRequestModel struct {
	OrgID      string  `json:"orgId"`
	SpaceID    string  `json:"spaceId"`
	CategoryID string  `json:"categoryID"`
	WhoID      string  `json:"whoId"`
	Who        WhoType `json:"who"`
}

CategoryViewRequestModel represents who should be allowed to see a category.

type DocumentRecord ¶ added in v1.56.0

type DocumentRecord struct {
	OrgID               string  `json:"orgId"`
	DocumentID          string  `json:"documentId"`
	WhoID               string  `json:"whoId"`
	Who                 WhoType `json:"who"`
	DocumentRoleEdit    bool    `json:"documentRoleEdit"`
	DocumentRoleApprove bool    `json:"documentRoleApprove"`
}

DocumentRecord represents space permissions for a user on a document. This data structure is made from database permission records for the document, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserDocumentPermissions ¶ added in v1.56.0

func DecodeUserDocumentPermissions(perm []Permission) (r DocumentRecord)

DecodeUserDocumentPermissions returns a flat, usable permission summary record from multiple user permission records for a given document.

type LocationType ¶ added in v1.58.0

type LocationType string

LocationType tells us the entity being permissioned

const (
	// LocationSpace means space is being permissioned
	LocationSpace LocationType = "space"

	// LocationCategory means category is being permissioned
	LocationCategory LocationType = "category"

	// LocationDocument means document is being permissioned
	LocationDocument LocationType = "document"
)

type Permission ¶

type Permission struct {
	ID       uint64       `json:"id"`
	OrgID    string       `json:"orgId"`
	Who      WhoType      `json:"who"`      // user, role
	WhoID    string       `json:"whoId"`    // either a user or role ID
	Action   Action       `json:"action"`   // view, edit, delete
	Scope    ScopeType    `json:"scope"`    // object, table
	Location LocationType `json:"location"` // table name
	RefID    string       `json:"refId"`    // id of row in table / blank when scope=table
	Created  time.Time    `json:"created"`
}

Permission represents a permission for a space and is persisted to the database.

func EncodeCategoryRecord ¶ added in v1.58.0

func EncodeCategoryRecord(r CategoryRecord, a Action) (p Permission)

EncodeCategoryRecord creates standard permission record representing user permissions for a category.

func EncodeDocumentRecord ¶ added in v1.56.0

func EncodeDocumentRecord(r DocumentRecord, a Action) (p Permission)

EncodeDocumentRecord creates standard permission record representing user permissions for a document.

func EncodeRecord ¶

func EncodeRecord(r Record, a Action) (p Permission)

EncodeRecord creates standard permission record representing user permissions for a space.

func EncodeUserCategoryPermissions ¶ added in v1.58.0

func EncodeUserCategoryPermissions(r CategoryRecord) (perm []Permission)

EncodeUserCategoryPermissions returns multiple user permission records for a given document, using flat permission summary record.

func EncodeUserDocumentPermissions ¶ added in v1.56.0

func EncodeUserDocumentPermissions(r DocumentRecord) (perm []Permission)

EncodeUserDocumentPermissions returns multiple user permission records for a given document, using flat permission summary record.

func EncodeUserPermissions ¶

func EncodeUserPermissions(r Record) (perm []Permission)

EncodeUserPermissions returns multiple user permission records for a given space, using flat permission summary record.

type Record ¶

type Record struct {
	ID                uint64  `json:"id"`
	OrgID             string  `json:"orgId"`
	SpaceID           string  `json:"spaceId"`
	WhoID             string  `json:"whoId"`
	Who               WhoType `json:"who"`
	SpaceView         bool    `json:"spaceView"`
	SpaceManage       bool    `json:"spaceManage"`
	SpaceOwner        bool    `json:"spaceOwner"`
	DocumentAdd       bool    `json:"documentAdd"`
	DocumentEdit      bool    `json:"documentEdit"`
	DocumentDelete    bool    `json:"documentDelete"`
	DocumentMove      bool    `json:"documentMove"`
	DocumentCopy      bool    `json:"documentCopy"`
	DocumentTemplate  bool    `json:"documentTemplate"`
	DocumentApprove   bool    `json:"documentApprove"`
	DocumentLifecycle bool    `json:"documentLifecycle"`
	DocumentVersion   bool    `json:"documentVersion"`
	Name              string  `json:"name"` // read-only, user or group name
}

Record represents space permissions for a user on a space. This data structure is made from database permission records for the space, and it is designed to be sent to HTTP clients (web, mobile).

func DecodeUserPermissions ¶

func DecodeUserPermissions(perm []Permission) (r Record)

DecodeUserPermissions returns a flat, usable permission summary record from multiple user permission records for a given space.

type ScopeType ¶ added in v1.58.0

type ScopeType string

ScopeType details at what level data is being protected, e.g. table, row

const (
	// ScopeRow identifies row in table is being protected
	ScopeRow ScopeType = "object"
)

type SpaceRequestModel ¶ added in v1.56.0

type SpaceRequestModel struct {
	Message     string
	Permissions []Record
}

SpaceRequestModel details which users have what permissions on a given space.

type WhoType ¶ added in v1.58.0

type WhoType string

WhoType tell us if permission record represents user or group

const (
	// GroupPermission means permission is assigned to a group
	GroupPermission WhoType = "role"

	// UserPermission means permission is assigned to a user
	UserPermission WhoType = "user"
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL