#4 - add support for sharing pages publicly, without login

app/models/api/Page.model.js

@@ -106,7 +106,7 @@ class Page extends VersionedModel {
         return visible
     }
 
-    is_shared() {
+    is_shared() {  // TODO: public user sharing...
         return this.shared_users_view.length > 0 || this.shared_users_update.length > 0 || this.shared_users_manage.length > 0
     }
 
@@ -215,6 +215,46 @@ class Page extends VersionedModel {
         else return false
     }
 
+    async share_public(current_user, level = 'view') {
+        const PublicUserPermission = this.models.get('auth:PublicUserPermission')
+
+        if ( !['view', 'update', 'manage'].includes(level) ) {
+            throw new Error(`Invalid share level: ${level}`)
+        }
+
+        const possible_grants = [':view', ':manage', ':update', ''].map(x => `page:${this.UUID}${x}`)
+
+        // Remove existing sharing info
+        await PublicUserPermission.deleteMany({
+            permission: {
+                $in: possible_grants,
+            },
+        })
+
+        // Create the new sharing level
+        const share = new PublicUserPermission({
+            associated_user_id: this.OrgUserId,
+            permission: `page:${this.UUID}:${level}`,
+        })
+
+        await this.version_save(`Shared publicly (${level} access)`, current_user.id)
+        await share.save()
+    }
+
+    async unshare_public(current_user) {
+        const PublicUserPermission = this.models.get('auth:PublicUserPermission')
+        const possible_grants = [':view', ':manage', ':update', ''].map(x => `page:${this.UUID}${x}`)
+
+        // Remove existing sharing info
+        await PublicUserPermission.deleteMany({
+            permission: {
+                $in: possible_grants,
+            },
+        })
+
+        await this.version_save(`Un-shared public access)`, current_user.id)
+    }
+
     async share_with(user, level = 'view') {
         if ( !['view', 'update', 'manage'].includes(level) ) {
             throw new Error(`Invalid share level: ${level}`)

app/models/auth/PublicUserPermission.model.js

@@ -12,10 +12,18 @@ class PublicUserPermissionModel extends Model {
     }
 
     static async can(permission) {
-        const permission_parts = permission.split(':');
+        const permission_parts = permission.split(':')
+        const permission_checks = []
+        const current_check = []
+
+        for ( const part of permission_parts ) {
+            current_check.push(part)
+            permission_checks.push(current_check.join(':'))
+        }
+
         const match = await this.findOne({
             permission: {
-                $in: permission_parts
+                $in: permission_checks
             }
         })
 

app/models/auth/User.model.js

@@ -76,6 +76,14 @@ class User extends AuthUser {
     is_public_user() {
         return false
     }
+
+    async can(permission) {
+        if ( super.can(permission) ) return true
+
+        const PublicUserPermission = this.models.get('auth:PublicUserPermission')
+        return await PublicUserPermission.can(permission)
+    }
 }
 
+
 module.exports = exports = User