mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-27 21:44:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
hedgedoc/backend/src/permissions/utils/find-highest-note-permission-by-group.ts
Erik Michelson a9183e82bf
feat(knex): create database interfaces and knexjs nest integration 
Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2025-04-23 22:49:10 +02:00

62 lines
2.1 KiB
TypeScript
Raw Blame History

/*
* SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
*
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { User } from '../../database/user.entity';
import { Group } from '../../groups/group.entity';
import { SpecialGroup } from '../../groups/groups.special';
import { NoteGroupPermission } from '../note-group-permission.entity';
import { NotePermission } from '../note-permission.enum';
/**
* Inspects the given note permissions and finds the highest {@link NoteGroupPermission} for the given {@link Group}.
*
* @param user The group whose permissions should be determined
* @param groupPermissions The search basis
* @return The found permission or {@link NotePermission.DENY} if no permission could be found.
* @async
*/
export async function findHighestNotePermissionByGroup(
user: User,
groupPermissions: NoteGroupPermission[],
): Promise<NotePermission.DENY | NotePermission.READ | NotePermission.WRITE> {
let highestGroupPermission = NotePermission.DENY;
for (const groupPermission of groupPermissions) {
const permission = await findNotePermissionByGroup(user, groupPermission);
if (permission === NotePermission.WRITE) {
return NotePermission.WRITE;
}
highestGroupPermission =
highestGroupPermission > permission ? highestGroupPermission : permission;
}
return highestGroupPermission;
}
async function findNotePermissionByGroup(
user: User,
groupPermission: NoteGroupPermission,
): Promise<NotePermission.DENY | NotePermission.READ | NotePermission.WRITE> {
const group = await groupPermission.group;
if (!isSpecialGroup(group) && !(await isUserInGroup(user, group))) {
return NotePermission.DENY;
}
return groupPermission.canEdit ? NotePermission.WRITE : NotePermission.READ;
}
function isSpecialGroup(group: Group): boolean {
return (
group.special &&
(group.name === (SpecialGroup.LOGGED_IN as string) ||
group.name === (SpecialGroup.EVERYONE as string))
);
}
async function isUserInGroup(user: User, group: Group): Promise<boolean> {
for (const member of await group.members) {
if (member.id === user.id) {
return true;
}
}
return false;
}
Reference in a new issue View git blame Copy permalink