feat: Add preference to disable download option for viewers

2022-11-08 21:26:02 -05:00
parent 587f062677
commit 369ac487b1
4 changed files with 51 additions and 1 deletions
--- a/app/scenes/Settings/Security.tsx
+++ b/app/scenes/Settings/Security.tsx
@@ -5,6 +5,7 @@ import { useState } from "react";
 import * as React from "react";
 import { useTranslation, Trans } from "react-i18next";
 import { useTheme } from "styled-components";
+import { TeamPreference } from "@shared/types";
 import AuthLogo from "~/components/AuthLogo";
 import ConfirmationDialog from "~/components/ConfirmationDialog";
 import Flex from "~/components/Flex";
@@ -86,6 +87,17 @@ function Security() {
    [data, saveData]
  );

+  const handlePreferenceChange = React.useCallback(
+    async (ev: React.ChangeEvent<HTMLInputElement>) => {
+      const preferences = {
+        ...team.preferences,
+        [ev.target.id]: ev.target.checked,
+      };
+      await saveData({ preferences });
+    },
+    [saveData, team.preferences]
+  );
+
  const handleInviteRequiredChange = React.useCallback(
    async (ev: React.ChangeEvent<HTMLInputElement>) => {
      const inviteRequired = ev.target.checked;
@@ -239,6 +251,19 @@ function Security() {
      >
        <Switch id="sharing" checked={data.sharing} onChange={handleChange} />
      </SettingRow>
+      <SettingRow
+        label={t("Viewer document exports")}
+        name={TeamPreference.ViewersCanExport}
+        description={t(
+          "When enabled, viewers can see download options for documents"
+        )}
+      >
+        <Switch
+          id={TeamPreference.ViewersCanExport}
+          checked={team.getPreference(TeamPreference.ViewersCanExport, true)}
+          onChange={handlePreferenceChange}
+        />
+      </SettingRow>
      <SettingRow
        label={t("Rich service embeds")}
        name="documentEmbeds"
--- a/server/policies/document.ts
+++ b/server/policies/document.ts
@@ -1,4 +1,5 @@
 import invariant from "invariant";
+import { TeamPreference } from "@shared/types";
 import { Document, Revision, User, Team } from "@server/models";
 import { allow, _cannot as cannot } from "./cancan";

@@ -9,7 +10,7 @@ allow(User, "createDocument", Team, (user, team) => {
  return true;
 });

-allow(User, ["read", "download"], Document, (user, document) => {
+allow(User, "read", Document, (user, document) => {
  if (!document) {
    return false;
  }
@@ -22,6 +23,26 @@ allow(User, ["read", "download"], Document, (user, document) => {
  return user.teamId === document.teamId;
 });

+allow(User, "download", Document, (user, document) => {
+  if (!document) {
+    return false;
+  }
+
+  // existence of collection option is not required here to account for share tokens
+  if (document.collection && cannot(user, "read", document.collection)) {
+    return false;
+  }
+
+  if (
+    user.isViewer &&
+    !user.team.getPreference(TeamPreference.ViewersCanExport, true)
+  ) {
+    return false;
+  }
+
+  return user.teamId === document.teamId;
+});
+
 allow(User, "star", Document, (user, document) => {
  if (!document) {
    return false;
--- a/shared/i18n/locales/en_US/translation.json
+++ b/shared/i18n/locales/en_US/translation.json
@@ -730,6 +730,8 @@
  "Default role": "Default role",
  "The default user role for new accounts. Changing this setting does not affect existing user accounts.": "The default user role for new accounts. Changing this setting does not affect existing user accounts.",
  "When enabled, documents can be shared publicly on the internet by any member of the workspace": "When enabled, documents can be shared publicly on the internet by any member of the workspace",
+  "Viewer document exports": "Viewer document exports",
+  "When enabled, viewers can see download options for documents": "When enabled, viewers can see download options for documents",
  "Rich service embeds": "Rich service embeds",
  "Links to supported services are shown as rich embeds within your documents": "Links to supported services are shown as rich embeds within your documents",
  "Collection creation": "Collection creation",
--- a/shared/types.ts
+++ b/shared/types.ts
@@ -59,6 +59,8 @@ export enum TeamPreference {
  SeamlessEdit = "seamlessEdit",
  /** Whether to use team logo across the app for branding. */
  PublicBranding = "publicBranding",
+  /** Whether viewers should see download options */
+  ViewersCanExport = "viewersCanExport",
 }

 export type TeamPreferences = { [key in TeamPreference]?: boolean };