Individual document sharing with permissions (#5814)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>

app/components/WebsocketProvider.tsx

@@ -19,6 +19,7 @@ import Star from "~/models/Star";
 import Subscription from "~/models/Subscription";
 import Team from "~/models/Team";
 import User from "~/models/User";
+import UserMembership from "~/models/UserMembership";
 import withStores from "~/components/withStores";
 import {
   PartialWithId,
@@ -87,6 +88,7 @@ class WebsocketProvider extends React.Component<Props> {
       pins,
       stars,
       memberships,
+      userMemberships,
       policies,
       comments,
       subscriptions,
@@ -235,6 +237,10 @@ class WebsocketProvider extends React.Component<Props> {
           const collection = collections.get(event.collectionId);
           collection?.removeDocument(event.id);
         }
+
+        userMemberships.orderedData
+          .filter((m) => m.documentId === event.id)
+          .forEach((m) => userMemberships.remove(m.id));
       })
     );
 
@@ -245,6 +251,44 @@ class WebsocketProvider extends React.Component<Props> {
       }
     );
 
+    // received when a user is given access to a document
+    this.socket.on(
+      "documents.add_user",
+      (event: PartialWithId<UserMembership>) => {
+        userMemberships.add(event);
+      }
+    );
+
+    this.socket.on(
+      "documents.remove_user",
+      (event: PartialWithId<UserMembership>) => {
+        if (event.userId) {
+          const userMembership = userMemberships.get(event.id);
+
+          // TODO: Possibly replace this with a one-to-many relation decorator.
+          if (userMembership) {
+            userMemberships
+              .filter({
+                userId: event.userId,
+                sourceId: userMembership.id,
+              })
+              .forEach((m) => {
+                m.documentId && documents.remove(m.documentId);
+              });
+          }
+
+          userMemberships.removeAll({
+            userId: event.userId,
+            documentId: event.documentId,
+          });
+        }
+
+        if (event.documentId && event.userId === auth.user?.id) {
+          documents.remove(event.documentId);
+        }
+      }
+    );
+
     this.socket.on("comments.create", (event: PartialWithId<Comment>) => {
       comments.add(event);
     });
@@ -367,7 +411,7 @@ class WebsocketProvider extends React.Component<Props> {
     this.socket.on(
       "collections.add_user",
       async (event: WebsocketCollectionUserEvent) => {
-        if (auth.user && event.userId === auth.user.id) {
+        if (event.userId === auth.user?.id) {
           await collections.fetch(event.collectionId, {
             force: true,
           });
@@ -386,7 +430,7 @@ class WebsocketProvider extends React.Component<Props> {
     this.socket.on(
       "collections.remove_user",
       async (event: WebsocketCollectionUserEvent) => {
-        if (auth.user && event.userId === auth.user.id) {
+        if (event.userId === auth.user?.id) {
           // check if we still have access to the collection
           try {
             await collections.fetch(event.collectionId, {
@@ -466,12 +510,19 @@ class WebsocketProvider extends React.Component<Props> {
     );
 
     this.socket.on("users.demote", async (event: PartialWithId<User>) => {
-      if (auth.user && event.id === auth.user.id) {
+      if (event.id === auth.user?.id) {
         documents.all.forEach((document) => policies.remove(document.id));
         await collections.fetchAll();
       }
     });
 
+    this.socket.on(
+      "userMemberships.update",
+      async (event: PartialWithId<UserMembership>) => {
+        userMemberships.add(event);
+      }
+    );
+
     // received a message from the API server that we should request
     // to join a specific room. Forward that to the ws server.
     this.socket.on("join", (event) => {