diff options
Diffstat (limited to 'src/fields')
| -rw-r--r-- | src/fields/Doc.ts | 20 | ||||
| -rw-r--r-- | src/fields/util.ts | 39 |
2 files changed, 29 insertions, 30 deletions
diff --git a/src/fields/Doc.ts b/src/fields/Doc.ts index c674a20d2..8f9f36153 100644 --- a/src/fields/Doc.ts +++ b/src/fields/Doc.ts @@ -126,21 +126,19 @@ export enum aclLevel { unshared = 0, viewable = 1, augmentable = 2, - selfEditable = 2.5, editable = 3, admin = 4, } // prettier-ignore -export const HierarchyMapping: Map<symbol, { level:aclLevel; name: SharingPermissions }> = new Map([ - [AclPrivate, { level: aclLevel.unshared, name: SharingPermissions.None }], - [AclReadonly, { level: aclLevel.viewable, name: SharingPermissions.View }], - [AclAugment, { level: aclLevel.augmentable, name: SharingPermissions.Augment}], - [AclSelfEdit, { level: aclLevel.selfEditable, name: SharingPermissions.SelfEdit }], - [AclEdit, { level: aclLevel.editable, name: SharingPermissions.Edit }], - [AclAdmin, { level: aclLevel.admin, name: SharingPermissions.Admin }], - [AclUnset, { level: aclLevel.unset, name: SharingPermissions.Unset }], +export const HierarchyMapping: Map<symbol, { level:aclLevel; name: SharingPermissions; image: string }> = new Map([ + [AclPrivate, { level: aclLevel.unshared, name: SharingPermissions.None, image: '▲' }], + [AclReadonly, { level: aclLevel.viewable, name: SharingPermissions.View, image: '♦' }], + [AclAugment, { level: aclLevel.augmentable, name: SharingPermissions.Augment, image: '⬟' }], + [AclEdit, { level: aclLevel.editable, name: SharingPermissions.Edit, image: '⬢' }], + [AclAdmin, { level: aclLevel.admin, name: SharingPermissions.Admin, image: '⬢' }], + [AclUnset, { level: aclLevel.unset, name: SharingPermissions.Unset, image: '▲' }], ]); -export const ReverseHierarchyMap: Map<string, { level: aclLevel; acl: symbol }> = new Map(Array.from(HierarchyMapping.entries()).map(value => [value[1].name, { level: value[1].level, acl: value[0] }])); +export const ReverseHierarchyMap: Map<string, { level: aclLevel; acl: symbol ; image: string}> = new Map(Array.from(HierarchyMapping.entries()).map(value => [value[1].name, { level: value[1].level, acl: value[0], image: value[1].image }])); // caches the document access permissions for the current user. // this recursively updates all protos as well. @@ -1090,7 +1088,7 @@ export namespace Doc { target[targetKey] = new PrefetchProxy(templateDoc); } else { titleTarget && (Doc.GetProto(target).title = titleTarget); - const setDoc = [AclAdmin, AclEdit].includes(GetEffectiveAcl(Doc.GetProto(target))) ? Doc.GetProto(target) : target; + const setDoc = [AclAdmin, AclEdit, AclAugment].includes(GetEffectiveAcl(Doc.GetProto(target))) ? Doc.GetProto(target) : target; setDoc[targetKey] = new PrefetchProxy(templateDoc); } } diff --git a/src/fields/util.ts b/src/fields/util.ts index f365adf4b..5bab701ff 100644 --- a/src/fields/util.ts +++ b/src/fields/util.ts @@ -8,16 +8,16 @@ import { UndoManager } from '../client/util/UndoManager'; import { returnZero } from '../Utils'; import CursorField from './CursorField'; import { aclLevel, Doc, DocListCast, DocListCastAsync, HierarchyMapping, ReverseHierarchyMap, updateCachedAcls } from './Doc'; -import { AclAdmin, AclEdit, AclPrivate, AclSelfEdit, DocAcl, DocData, DocLayout, FieldKeys, ForceServerWrite, Height, Initializing, SelfProxy, Update, UpdatingFromServer, Width } from './DocSymbols'; +import { AclAdmin, AclAugment, AclEdit, AclPrivate, DocAcl, DocData, DocLayout, FieldKeys, ForceServerWrite, Height, Initializing, SelfProxy, Update, UpdatingFromServer, Width } from './DocSymbols'; import { Id, OnUpdate, Parent, ToValue } from './FieldSymbols'; import { List } from './List'; import { ObjectField } from './ObjectField'; import { PrefetchProxy, ProxyField } from './Proxy'; import { RefField } from './RefField'; -import { RichTextField } from './RichTextField'; import { SchemaHeaderField } from './SchemaHeaderField'; -import { ComputedField, ScriptField } from './ScriptField'; +import { ComputedField } from './ScriptField'; import { ScriptCast, StrCast } from './Types'; +import { GroupManager } from '../client/util/GroupManager'; function _readOnlySetter(): never { throw new Error("Documents can't be modified in read-only mode"); @@ -64,8 +64,8 @@ const _setterImpl = action(function (target: any, prop: string | symbol | number const writeMode = DocServer.getFieldWriteMode(prop as string); const fromServer = target[UpdatingFromServer]; const sameAuthor = fromServer || receiver.author === Doc.CurrentUserEmail; - const writeToDoc = sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAdmin || writeMode !== DocServer.WriteMode.LiveReadonly; - const writeToServer = (sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAdmin || (effectiveAcl === AclSelfEdit && value instanceof RichTextField)) && !DocServer.Control.isReadOnly(); + const writeToDoc = sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAugment || effectiveAcl === AclAdmin || writeMode !== DocServer.WriteMode.LiveReadonly; + const writeToServer = (sameAuthor || effectiveAcl === AclEdit || effectiveAcl === AclAugment || effectiveAcl === AclAdmin) && !DocServer.Control.isReadOnly(); if (writeToDoc) { if (value === undefined) { @@ -131,7 +131,7 @@ export function denormalizeEmail(email: string) { */ export function inheritParentAcls(parent: Doc, child: Doc) { return; - // const dataDoc = parent[DataSym]; + // const dataDoc = parent[DocData]; // for (const key of Object.keys(dataDoc)) { // // if the default acl mode is private, then don't inherit the acl-Public permission, but set it to private. // const permission = key === 'acl-Public' && Doc.defaultAclPrivate ? AclPrivate : dataDoc[key]; @@ -158,10 +158,9 @@ export enum SharingPermissions { Unset = 'None', Admin = 'Admin', Edit = 'Edit', - SelfEdit = 'Self Edit', Augment = 'Augment', View = 'View', - None = 'Not Shared', + None = 'Not-Shared', } // return acl from cache or cache the acl and return. @@ -175,6 +174,15 @@ const getEffectiveAclCache = computedFn(function (target: any, user?: string) { export function GetEffectiveAcl(target: any, user?: string): symbol { if (!target) return AclPrivate; if (target[UpdatingFromServer]) return AclAdmin; + return getEffectiveAclCache(Doc.GetProto(target), user); // all changes received from the server must be processed as Admin. return this directly so that the acls aren't cached (UpdatingFromServer is not observable) +} + +/** + * Calculates the effective access layout right to a document for the current user. + */ +export function GetEffectiveLayoutAcl(target: any, user?: string): symbol { + if (!target) return AclPrivate; + if (target[UpdatingFromServer]) return AclAdmin; return getEffectiveAclCache(target, user); // all changes received from the server must be processed as Admin. return this directly so that the acls aren't cached (UpdatingFromServer is not observable) } @@ -205,18 +213,13 @@ function getEffectiveAcl(target: any, user?: string): symbol { // there are issues with storing fields with . in the name, so they are replaced with _ during creation // as a result we need to restore them again during this comparison. const entity = denormalizeEmail(key.substring(4)); // an individual or a group - if (HierarchyMapping.get(value as symbol)!.level > HierarchyMapping.get(effectiveAcl)!.level) { - if (GetCachedGroupByName(entity) || userChecked === entity || entity === 'Me') { + if (GetCachedGroupByName(entity) || userChecked === entity || entity === 'Me') { + if (HierarchyMapping.get(value as symbol)!.level > HierarchyMapping.get(effectiveAcl)!.level) { effectiveAcl = value as symbol; } } } - // if there's an overriding acl set through the properties panel or sharing menu, that's what's returned if the user isn't an admin of the document - //const override = targetAcls['acl-Override']; - // if (override !== AclUnset && override !== undefined) effectiveAcl = override; - - // if we're in playground mode, return AclEdit (or AclAdmin if that's the user's effectiveAcl) return DocServer?.Control?.isReadOnly?.() && HierarchyMapping.get(effectiveAcl)!.level < aclLevel.editable ? AclEdit : effectiveAcl; } // authored documents are private until an ACL is set. @@ -235,9 +238,8 @@ function getEffectiveAcl(target: any, user?: string): symbol { export function distributeAcls(key: string, acl: SharingPermissions, target: Doc, inheritingFromCollection?: boolean, visited?: Doc[], isDashboard?: boolean) { if (!visited) visited = [] as Doc[]; if (!target || visited.includes(target)) return; - if ((target._type_collection === CollectionViewType.Docking && visited.length > 1) || Doc.GetProto(visited[0]) !== Doc.GetProto(target)) { - target[key] = acl; + Doc.GetProto(target)[key] = acl; if (target !== Doc.GetProto(target)) { //apparently we can't call updateCachedAcls twice (once for the main dashboard, and again for the nested dashboard...???) updateCachedAcls(target); @@ -251,7 +253,6 @@ export function distributeAcls(key: string, acl: SharingPermissions, target: Doc if (GetEffectiveAcl(target) === AclAdmin && (!inheritingFromCollection || !target[key] || ReverseHierarchyMap.get(StrCast(target[key]))!.level > ReverseHierarchyMap.get(acl)!.level)) { target[key] = acl; layoutDocChanged = true; - if (isDashboard) { DocListCastAsync(target[Doc.LayoutFieldKey(target)]).then(docs => { docs?.forEach(d => distributeAcls(key, acl, d, inheritingFromCollection, visited)); @@ -290,7 +291,7 @@ export function distributeAcls(key: string, acl: SharingPermissions, target: Doc export function setter(target: any, in_prop: string | symbol | number, value: any, receiver: any): boolean { let prop = in_prop; const effectiveAcl = in_prop === 'constructor' || typeof in_prop === 'symbol' ? AclAdmin : getPropAcl(target, prop); - if (effectiveAcl !== AclEdit && effectiveAcl !== AclAdmin && !(effectiveAcl === AclSelfEdit && value instanceof RichTextField)) return true; + if (effectiveAcl !== AclEdit && effectiveAcl !== AclAugment && effectiveAcl !== AclAdmin) return true; // if you're trying to change an acl but don't have Admin access / you're trying to change it to something that isn't an acceptable acl, you can't if (typeof prop === 'string' && prop.startsWith('acl') && (effectiveAcl !== AclAdmin || ![...Object.values(SharingPermissions), undefined].includes(value))) return true; |