vikunja-api/models/namespaces.go

190 lines
4.6 KiB
Go
Raw Normal View History

package models
// Namespace holds informations about a namespace
type Namespace struct {
ID int64 `xorm:"int(11) autoincr not null unique pk" json:"id"`
2018-07-04 08:15:47 +02:00
Name string `xorm:"varchar(250)" json:"name"`
Description string `xorm:"varchar(1000)" json:"description"`
OwnerID int64 `xorm:"int(11) not null" json:"-"`
Owner User `xorm:"-" json:"owner"`
2018-06-14 17:43:00 +02:00
Created int64 `xorm:"created" json:"created"`
Updated int64 `xorm:"updated" json:"updated"`
CRUDable `xorm:"-" json:"-"`
2018-07-10 14:02:23 +02:00
Rights `xorm:"-" json:"-"`
}
// TableName makes beautiful table names
func (Namespace) TableName() string {
return "namespaces"
}
// AfterLoad gets the owner
func (n *Namespace) AfterLoad() {
n.Owner, _, _ = GetUserByID(n.OwnerID)
}
// NamespaceRight defines the rights teams can have for namespaces
type NamespaceRight int
// define unknown namespace right
const (
NamespaceRightUnknown = -1
)
// Enumerate all the namespace rights
const (
// Can read lists in a namespace
NamespaceRightRead NamespaceRight = iota
// Cat write items in a namespace like lists and todo items
NamespaceRightWrite
// Can manage a namespace, can do everything
NamespaceRightAdmin
2018-06-14 17:43:00 +02:00
)
2018-07-10 14:02:23 +02:00
// IsNamespaceAdmin returns whether the usre has admin rights in a namespace
func (user *User) IsNamespaceAdmin(namespace *Namespace) (err error) {
2018-06-14 17:43:00 +02:00
// Owners always have admin rights
if user.ID == namespace.Owner.ID {
return nil
2018-06-14 17:43:00 +02:00
}
// Check if that user is in a team which has admin rights to that namespace
return ErrUserNeedsToBeNamespaceAdmin{UserID: user.ID, NamespaceID: namespace.ID}
2018-06-14 17:43:00 +02:00
}
2018-07-12 00:37:31 +02:00
// IsAdmin returns true or false if the user is admin on that namespace or not
func (n *Namespace) IsAdmin(user *User) bool {
// Owners always have admin rights
if user.ID == n.Owner.ID {
return true
}
// Check if that user is in a team which has admin rights to that namespace
// TODO
return false
}
2018-07-10 14:02:23 +02:00
// CanWrite checks if a user has write access to a namespace
func (n *Namespace) CanWrite(user *User) bool {
// Owners always have access
if user.ID == n.Owner.ID {
return true
}
return true
}
2018-07-10 14:02:23 +02:00
// GetNamespaceByID returns a namespace object by its ID
2018-07-04 08:15:47 +02:00
func GetNamespaceByID(id int64) (namespace Namespace, err error) {
namespace.ID = id
2018-07-04 08:15:47 +02:00
exists, err := x.Get(&namespace)
if err != nil {
return namespace, err
}
if !exists {
return namespace, ErrNamespaceDoesNotExist{ID: id}
}
// Get the namespace Owner
2018-07-04 08:15:47 +02:00
namespace.Owner, _, err = GetUserByID(namespace.OwnerID)
if err != nil {
return namespace, err
}
return namespace, err
}
// ReadOne gets one namespace
func (n *Namespace) ReadOne(id int64) (err error) {
2018-07-12 13:43:42 +02:00
getN := Namespace{}
exists, err := x.ID(id).Get(&getN)
if err != nil {
return
}
if !exists {
return ErrNamespaceDoesNotExist{ID: id}
}
2018-07-12 13:43:42 +02:00
*n = getN
return
}
// ReadAll gets all namespaces a user has access to
func (n *Namespace) ReadAll(doer *User) (interface{}, error) {
all := []*Namespace{}
// TODO respect individual rights
err := x.Select("namespaces.*").
Table("namespaces").
Join("LEFT", "team_namespaces", "namespaces.id = team_namespaces.namespace_id").
Join("LEFT", "team_members", "team_members.team_id = team_namespaces.team_id").
Where("team_members.user_id = ?", doer.ID).
Or("namespaces.owner_id = ?", doer.ID).
GroupBy("namespaces.id").
Find(&all)
if err != nil {
return all, err
}
// Get all users
users := []*User{}
err = x.Select("users.*").
Table("namespaces").
Join("LEFT", "team_namespaces", "namespaces.id = team_namespaces.namespace_id").
Join("LEFT", "team_members", "team_members.team_id = team_namespaces.team_id").
Join("INNER", "users", "users.id = namespaces.owner_id").
Where("team_members.user_id = ?", doer.ID).
Or("namespaces.owner_id = ?", doer.ID).
GroupBy("users.id").
Find(&users)
if err != nil {
return all, err
}
// Put user objects in our namespace list
for i, n := range all {
for _, u := range users {
if n.OwnerID == u.ID {
all[i].Owner = *u
break
}
}
}
return all, nil
}
2018-07-12 13:43:42 +02:00
func (n *Namespace) CanRead(user *User) bool {
// Owners always have access
if user.ID == n.Owner.ID {
return true
}
// Check if the user is in a team which has access to the namespace
all := Namespace{}
// TODO respect individual rights
exists, _ := x.Select("namespaces.*").
Table("namespaces").
Join("LEFT", "team_namespaces", "namespaces.id = team_namespaces.namespace_id").
Join("LEFT", "team_members", "team_members.team_id = team_namespaces.team_id").
Where("team_members.user_id = ?", user.ID).
Or("namespaces.owner_id = ?", user.ID).
And("namespaces.id = ?", n.ID).
GroupBy("namespaces.id").
Get(&all)
return exists
}