yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Add preference to disable download option for viewers

Browse Source
This commit is contained in:
Tom Moor
2022-11-08 21:26:02 -05:00
parent 587f062677
commit 369ac487b1
4 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
server/policies/document.ts
View File

@@ -1,4 +1,5 @@
import invariant from "invariant";
import { TeamPreference } from "@shared/types";
import { Document, Revision, User, Team } from "@server/models";
import { allow, _cannot as cannot } from "./cancan";
@@ -9,7 +10,7 @@ allow(User, "createDocument", Team, (user, team) => {
return true;
});
allow(User, ["read", "download"], Document, (user, document) => {
allow(User, "read", Document, (user, document) => {
if (!document) {
return false;
}
@@ -22,6 +23,26 @@ allow(User, ["read", "download"], Document, (user, document) => {
return user.teamId === document.teamId;
});
allow(User, "download", Document, (user, document) => {
if (!document) {
return false;
}
// existence of collection option is not required here to account for share tokens
if (document.collection && cannot(user, "read", document.collection)) {
return false;
}
if (
user.isViewer &&
!user.team.getPreference(TeamPreference.ViewersCanExport, true)
) {
return false;
}
return user.teamId === document.teamId;
});
allow(User, "star", Document, (user, document) => {
if (!document) {
return false;