Add manage permission to documents (#7003)

2024-06-10 20:38:23 -04:00
parent 1ad7c7409a
commit 7bf5c4e533
9 changed files with 43 additions and 20 deletions
--- a/app/components/InputSelectPermission.tsx
+++ b/app/components/InputSelectPermission.tsx
@@ -23,15 +23,16 @@ function InputSelectPermission(
      ref={ref}
      label={t("Permission")}
      options={[
-        {
-          label: t("Can edit"),
-          value: CollectionPermission.ReadWrite,
-        },
        {
          label: t("View only"),
          value: CollectionPermission.Read,
        },
        {
+          label: t("Can edit"),
+          value: CollectionPermission.ReadWrite,
+        },
+        {
+          divider: true,
          label: t("No access"),
          value: EmptySelectValue,
        },
--- a/app/components/Sharing/Collection/CollectionMemberList.tsx
+++ b/app/components/Sharing/Collection/CollectionMemberList.tsx
@@ -53,16 +53,16 @@ function CollectionMemberList({ collection, invitedInSession }: Props) {
    () =>
      [
        {
-          label: t("Admin"),
-          value: CollectionPermission.Admin,
+          label: t("View only"),
+          value: CollectionPermission.Read,
        },
        {
          label: t("Can edit"),
          value: CollectionPermission.ReadWrite,
        },
        {
-          label: t("View only"),
-          value: CollectionPermission.Read,
+          label: t("Manage"),
+          value: CollectionPermission.Admin,
        },
        {
          divider: true,
--- a/app/components/Sharing/Collection/SharePopover.tsx
+++ b/app/components/Sharing/Collection/SharePopover.tsx
@@ -229,16 +229,16 @@ function SharePopover({ collection, visible, onRequestClose }: Props) {
    () =>
      [
        {
-          label: t("Admin"),
-          value: CollectionPermission.Admin,
+          label: t("View only"),
+          value: CollectionPermission.Read,
        },
        {
          label: t("Can edit"),
          value: CollectionPermission.ReadWrite,
        },
        {
-          label: t("View only"),
-          value: CollectionPermission.Read,
+          label: t("Manage"),
+          value: CollectionPermission.Admin,
        },
      ] as Permission[],
    [t]
--- a/app/components/Sharing/Document/DocumentMemberListItem.tsx
+++ b/app/components/Sharing/Document/DocumentMemberListItem.tsx
@@ -51,6 +51,10 @@ const DocumentMemberListItem = ({
      label: t("Can edit"),
      value: DocumentPermission.ReadWrite,
    },
+    {
+      label: t("Manage"),
+      value: DocumentPermission.Admin,
+    },
    {
      divider: true,
      label: t("Remove"),
--- a/app/components/Sharing/Document/SharePopover.tsx
+++ b/app/components/Sharing/Document/SharePopover.tsx
@@ -202,13 +202,17 @@ function SharePopover({
  const permissions = React.useMemo(
    () =>
      [
+        {
+          label: t("View only"),
+          value: DocumentPermission.Read,
+        },
        {
          label: t("Can edit"),
          value: DocumentPermission.ReadWrite,
        },
        {
-          label: t("View only"),
-          value: DocumentPermission.Read,
+          label: t("Manage"),
+          value: DocumentPermission.Admin,
        },
      ] as Permission[],
    [t]
--- a/server/emails/templates/DocumentSharedEmail.tsx
+++ b/server/emails/templates/DocumentSharedEmail.tsx
@@ -73,7 +73,7 @@ View Document: ${teamUrl}${document.path}
    const documentUrl = `${teamUrl}${document.path}?ref=notification-email`;

    const permission =
-      membership.permission === DocumentPermission.ReadWrite ? "edit" : "view";
+      membership.permission === DocumentPermission.Read ? "view" : "edit";

    return (
      <EmailTemplate
--- a/server/policies/document.ts
+++ b/server/policies/document.ts
@@ -26,6 +26,7 @@ allow(User, "read", Document, (actor, document) =>
      includesMembership(document, [
        DocumentPermission.Read,
        DocumentPermission.ReadWrite,
+        DocumentPermission.Admin,
      ]),
      and(!!document?.isDraft, actor.id === document?.createdById),
      can(actor, "readDocument", document?.collection)
@@ -93,7 +94,10 @@ allow(User, "update", Document, (actor, document) =>
    isTeamMutable(actor),
    !!document?.isActive,
    or(
-      includesMembership(document, [DocumentPermission.ReadWrite]),
+      includesMembership(document, [
+        DocumentPermission.ReadWrite,
+        DocumentPermission.Admin,
+      ]),
      or(
        can(actor, "updateDocument", document?.collection),
        and(!!document?.isDraft && actor.id === document?.createdById)
@@ -115,6 +119,7 @@ allow(User, ["move", "duplicate", "manageUsers"], Document, (actor, document) =>
    !actor.isGuest,
    can(actor, "update", document),
    or(
+      includesMembership(document, [DocumentPermission.Admin]),
      can(actor, "updateDocument", document?.collection),
      and(!!document?.isDraft && actor.id === document?.createdById)
    )
@@ -124,6 +129,7 @@ allow(User, ["move", "duplicate", "manageUsers"], Document, (actor, document) =>
 allow(User, "createChildDocument", Document, (actor, document) =>
  and(
    can(actor, "update", document),
+    can(actor, "read", document?.collection),
    !document?.isDraft,
    !document?.template,
    !actor.isGuest
@@ -171,7 +177,10 @@ allow(User, ["restore", "permanentDelete"], Document, (actor, document) =>
    !actor.isGuest,
    !!document?.isDeleted,
    or(
-      includesMembership(document, [DocumentPermission.ReadWrite]),
+      includesMembership(document, [
+        DocumentPermission.ReadWrite,
+        DocumentPermission.Admin,
+      ]),
      or(
        can(actor, "updateDocument", document?.collection),
        and(!!document?.isDraft && actor.id === document?.createdById)
@@ -202,7 +211,10 @@ allow(User, "unarchive", Document, (actor, document) =>
    and(
      can(actor, "read", document),
      or(
-        includesMembership(document, [DocumentPermission.ReadWrite]),
+        includesMembership(document, [
+          DocumentPermission.ReadWrite,
+          DocumentPermission.Admin,
+        ]),
        or(
          can(actor, "updateDocument", document?.collection),
          and(!!document?.isDraft && actor.id === document?.createdById)
--- a/shared/i18n/locales/en_US/translation.json
+++ b/shared/i18n/locales/en_US/translation.json
@@ -251,8 +251,8 @@
  "Select a color": "Select a color",
  "Search": "Search",
  "Permission": "Permission",
-  "Can edit": "Can edit",
  "View only": "View only",
+  "Can edit": "Can edit",
  "No access": "No access",
  "Default access": "Default access",
  "Change Language": "Change Language",
@@ -267,7 +267,7 @@
  "Documents": "Documents",
  "Results": "Results",
  "No results for {{query}}": "No results for {{query}}",
-  "Admin": "Admin",
+  "Manage": "Manage",
  "Invite": "Invite",
  "{{ userName }} was added to the collection": "{{ userName }} was added to the collection",
  "{{ count }} people added to the collection": "{{ count }} people added to the collection",
@@ -632,6 +632,7 @@
  "No people left to add": "No people left to add",
  "Active <1></1> ago": "Active <1></1> ago",
  "Never signed in": "Never signed in",
+  "Admin": "Admin",
  "{{userName}} was removed from the group": "{{userName}} was removed from the group",
  "Add and remove members to the <em>{{groupName}}</em> group. Members of the group will have access to any collections this group has been added to.": "Add and remove members to the <em>{{groupName}}</em> group. Members of the group will have access to any collections this group has been added to.",
  "Add people": "Add people",
--- a/shared/types.ts
+++ b/shared/types.ts
@@ -107,6 +107,7 @@ export enum CollectionPermission {
 export enum DocumentPermission {
  Read = "read",
  ReadWrite = "read_write",
+  Admin = "admin",
 }

 export type IntegrationSettings<T> = T extends IntegrationType.Embed