import { PartialPermissionSet } from 'app/common/ACLPermissions'; import { CellValue, RowRecord } from 'app/common/DocActions'; export interface RuleSet { tableId: '*' | string; colIds: '*' | string[]; // The default permissions for this resource, if set, are represented by a RulePart with // aclFormula of "", which must be the last element of body. body: RulePart[]; } export interface RulePart { origRecord?: RowRecord; // Original record used to create this RulePart. aclFormula: string; permissions: PartialPermissionSet; permissionsText: string; // The text version of PermissionSet, as stored. // Compiled version of aclFormula. matchFunc?: AclMatchFunc; // Optional memo, currently extracted from comment in formula. memo?: string; } // Light wrapper for reading records or user attributes. export interface InfoView { get(key: string): CellValue; toJSON(): {[key: string]: any}; } // As InfoView, but also supporting writing. export interface InfoEditor { get(key: string): CellValue; set(key: string, val: CellValue): this; toJSON(): {[key: string]: any}; } // Represents user info, which may include properties which are themselves RowRecords. export type UserInfo = Record>; /** * Input into the AclMatchFunc. Compiled formulas evaluate AclMatchInput to produce a boolean. */ export interface AclMatchInput { user: UserInfo; rec?: InfoView; newRec?: InfoView; } /** * The actual boolean function that can evaluate a request. The result of compiling ParsedAclFormula. */ export type AclMatchFunc = (input: AclMatchInput) => boolean; /** * Representation of a parsed ACL formula. */ export type ParsedAclFormula = [string, ...Array]; export interface UserAttributeRule { origRecord?: RowRecord; // Original record used to create this UserAttributeRule. name: string; // Should be unique among UserAttributeRules. tableId: string; // Table in which to look up an existing attribute. lookupColId: string; // Column in tableId in which to do the lookup. charId: string; // Attribute to look up, possibly a path. E.g. 'Email' or 'office.city'. }