diff options
Diffstat (limited to 'src/fields/util.ts')
| -rw-r--r-- | src/fields/util.ts | 49 |
1 files changed, 36 insertions, 13 deletions
diff --git a/src/fields/util.ts b/src/fields/util.ts index d5b55867e..3860decc9 100644 --- a/src/fields/util.ts +++ b/src/fields/util.ts @@ -9,10 +9,11 @@ import { returnZero } from '../Utils'; import CursorField from './CursorField'; import { AclAdmin, + AclAugment, AclEdit, aclLevel, AclPrivate, - AclSelfEdit, + AclReadonly, AclSym, DataSym, Doc, @@ -33,7 +34,6 @@ import { List } from './List'; import { ObjectField } from './ObjectField'; import { PrefetchProxy, ProxyField } from './Proxy'; import { RefField } from './RefField'; -import { RichTextField } from './RichTextField'; import { SchemaHeaderField } from './SchemaHeaderField'; import { ComputedField } from './ScriptField'; import { ScriptCast, StrCast } from './Types'; @@ -82,8 +82,8 @@ const _setterImpl = action(function (target: any, prop: string | symbol | number const writeMode = DocServer.getFieldWriteMode(prop as string); const fromServer = target[UpdatingFromServer]; const sameAuthor = fromServer || receiver.author === Doc.CurrentUserEmail; - const writeToDoc = sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAdmin || writeMode !== DocServer.WriteMode.LiveReadonly; - const writeToServer = (sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAdmin || (effectiveAcl === AclSelfEdit && value instanceof RichTextField)) && !DocServer.Control.isReadOnly(); + const writeToDoc = sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAugment || effectiveAcl === AclAdmin || writeMode !== DocServer.WriteMode.LiveReadonly; + const writeToServer = (sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAugment || effectiveAcl === AclAdmin) && !DocServer.Control.isReadOnly(); if (writeToDoc) { if (value === undefined) { @@ -142,13 +142,13 @@ export function denormalizeEmail(email: string) { * Copies parent's acl fields to the child */ export function inheritParentAcls(parent: Doc, child: Doc) { - return; const dataDoc = parent[DataSym]; for (const key of Object.keys(dataDoc)) { // if the default acl mode is private, then don't inherit the acl-Public permission, but set it to private. const permission = key === 'acl-Public' && Doc.defaultAclPrivate ? AclPrivate : dataDoc[key]; key.startsWith('acl') && distributeAcls(key, permission, child); } + return; } /** @@ -170,10 +170,9 @@ export enum SharingPermissions { Unset = 'None', Admin = 'Admin', Edit = 'Edit', - SelfEdit = 'Self Edit', Augment = 'Augment', View = 'View', - None = 'Not Shared', + None = 'Not-Shared', } // return acl from cache or cache the acl and return. @@ -185,6 +184,7 @@ const getEffectiveAclCache = computedFn(function (target: any, user?: string) { * Calculates the effective access right to a document for the current user. */ export function GetEffectiveAcl(target: any, user?: string): symbol { + target = Doc.GetProto(target); if (!target) return AclPrivate; if (target[UpdatingFromServer]) return AclAdmin; return getEffectiveAclCache(target, user); // all changes received from the server must be processed as Admin. return this directly so that the acls aren't cached (UpdatingFromServer is not observable) @@ -208,8 +208,24 @@ export function SetCachedGroups(groups: string[]) { } function getEffectiveAcl(target: any, user?: string): symbol { const targetAcls = target[AclSym]; - if (targetAcls?.['acl-Me'] === AclAdmin || GetCachedGroupByName('Admin')) return AclAdmin; - + if (targetAcls?.['acl-Me'] === AclAdmin || GetCachedGroupByName(SharingPermissions.Admin)) return AclAdmin; + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)]) { + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)] == SharingPermissions.Admin) { + return AclAdmin; + } + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)] == SharingPermissions.Edit) { + return AclEdit; + } + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)] == SharingPermissions.Augment) { + return AclAugment; + } + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)] == SharingPermissions.View) { + return AclReadonly; + } + if (target['acl-' + normalizeEmail(Doc.CurrentUserEmail)] == SharingPermissions.None) { + return AclPrivate; + } + } const userChecked = user || Doc.CurrentUserEmail; // if the current user is the author of the document / the current user is a member of the admin group if (targetAcls && Object.keys(targetAcls).length) { let effectiveAcl = AclPrivate; @@ -228,13 +244,20 @@ function getEffectiveAcl(target: any, user?: string): symbol { //const override = targetAcls['acl-Override']; // if (override !== AclUnset && override !== undefined) effectiveAcl = override; - // if we're in playground mode, return AclEdit (or AclAdmin if that's the user's effectiveAcl) return DocServer?.Control?.isReadOnly?.() && HierarchyMapping.get(effectiveAcl)!.level < aclLevel.editable ? AclEdit : effectiveAcl; } // authored documents are private until an ACL is set. const targetAuthor = target.__fields?.author || target.author; // target may be a Doc of Proxy, so check __fields.author and .author if (targetAuthor && targetAuthor !== userChecked) return AclPrivate; return AclAdmin; + let acl = AclPrivate; + if (user) { + acl = target['acl-' + user]; + } else { + acl = target['acl-' + normalizeEmail(Doc.CurrentUserEmail)]; + } + console.log(target['acl-' + normalizeEmail(Doc.CurrentUserEmail)]); + return DocServer?.Control?.isReadOnly?.() && HierarchyMapping.get(acl)!.level < aclLevel.editable ? AclEdit : acl; } /** * Recursively distributes the access right for a user across the children of a document and its annotations. @@ -250,6 +273,7 @@ export function distributeAcls(key: string, acl: SharingPermissions, target: Doc if ((target._viewType === CollectionViewType.Docking && visited.length > 1) || Doc.GetProto(visited[0]) !== Doc.GetProto(target)) { target[key] = acl; + Doc.GetProto(target)[key] = acl; if (target !== Doc.GetProto(target)) { //apparently we can't call updateCachedAcls twice (once for the main dashboard, and again for the nested dashboard...???) updateCachedAcls(target); @@ -263,7 +287,6 @@ export function distributeAcls(key: string, acl: SharingPermissions, target: Doc if (GetEffectiveAcl(target) === AclAdmin && (!inheritingFromCollection || !target[key] || ReverseHierarchyMap.get(StrCast(target[key]))!.level > ReverseHierarchyMap.get(acl)!.level)) { target[key] = acl; layoutDocChanged = true; - if (isDashboard) { DocListCastAsync(target[Doc.LayoutFieldKey(target)]).then(docs => { docs?.forEach(d => distributeAcls(key, acl, d, inheritingFromCollection, visited)); @@ -302,7 +325,7 @@ export function distributeAcls(key: string, acl: SharingPermissions, target: Doc export function setter(target: any, in_prop: string | symbol | number, value: any, receiver: any): boolean { let prop = in_prop; const effectiveAcl = in_prop === 'constructor' || typeof in_prop === 'symbol' ? AclAdmin : getPropAcl(target, prop); - if (effectiveAcl !== AclEdit && effectiveAcl !== AclAdmin && !(effectiveAcl === AclSelfEdit && value instanceof RichTextField)) return true; + if (effectiveAcl !== AclEdit && effectiveAcl !== AclAugment && effectiveAcl !== AclAdmin) return true; // if you're trying to change an acl but don't have Admin access / you're trying to change it to something that isn't an acceptable acl, you can't if (typeof prop === 'string' && prop.startsWith('acl') && (effectiveAcl !== AclAdmin || ![...Object.values(SharingPermissions), undefined].includes(value))) return true; @@ -377,7 +400,7 @@ export function updateFunction(target: any, prop: any, value: any, receiver: any diff?.op === '$addToSet' ? { $addToSet: { ['fields.' + prop]: SerializationHelper.Serialize(new List<Doc>(diff.items)) } } : diff?.op === '$remFromSet' - ? { $remFromSet: { ['fields.' + prop]: SerializationHelper.Serialize(new List<Doc>(diff.items)), hint : diff.hint } } + ? { $remFromSet: { ['fields.' + prop]: SerializationHelper.Serialize(new List<Doc>(diff.items)), hint: diff.hint } } : { $set: { ['fields.' + prop]: SerializationHelper.Serialize(value) } }; !op.$set && ((op as any).length = diff.length); const prevValue = ObjectField.MakeCopy(lastValue as List<any>); |