yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Policies refactor, guest roles (#6732)

Browse Source
This commit is contained in:
Tom Moor
2024-03-31 18:28:35 -06:00
committed by GitHub
parent ceb7ae1514
commit c27cd945a7
46 changed files with 901 additions and 1032 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
server/policies/attachment.ts
View File

@@ -1,38 +1,12 @@
import { Attachment, User, Team } from "@server/models";
import { allow } from "./cancan";
import { and, isOwner, isTeamModel, or } from "./utils";
allow(User, "createAttachment", Team, (user, team) => {
if (!team || user.isViewer || user.teamId !== team.id) {
return false;
}
return true;
});
allow(User, "createAttachment", Team, isTeamModel);
allow(User, "read", Attachment, (actor, attachment) => {
if (!attachment || !actor || attachment.teamId !== actor.teamId) {
return false;
}
if (actor.isAdmin) {
return true;
}
if (actor.id === attachment.userId) {
return true;
}
return false;
});
allow(User, "delete", Attachment, (actor, attachment) => {
if (actor.isViewer) {
return false;
}
if (!attachment || attachment.teamId !== actor.teamId) {
return false;
}
if (actor.isAdmin) {
return true;
}
if (actor.id === attachment.userId) {
return true;
}
return false;
});
allow(User, ["read", "update", "delete"], Attachment, (actor, attachment) =>
and(
isTeamModel(actor, attachment),
or(actor.isAdmin, isOwner(actor, attachment))
)
);