|
|
|
@ -12,16 +12,29 @@ class Sharing extends Controller {
|
|
|
|
|
|
|
|
|
|
async share_page(req, res) {
|
|
|
|
|
const level = req.form.level
|
|
|
|
|
|
|
|
|
|
if ( req.query.public ) {
|
|
|
|
|
await req.form.page.share_public(req.user, level)
|
|
|
|
|
} else if ( req.form.user ) {
|
|
|
|
|
await req.form.page.share_with(req.form.user, level)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.api({})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async revoke_page(req, res) {
|
|
|
|
|
if ( req.query.public ) {
|
|
|
|
|
await req.form.page.unshare_public(req.user)
|
|
|
|
|
} else if ( req.form.user ) {
|
|
|
|
|
await req.form.page.unshare_with(req.form.user)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.api({})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async page_info(req, res) {
|
|
|
|
|
const PublicUserPermission = this.models.get('auth:PublicUserPermission')
|
|
|
|
|
|
|
|
|
|
const data = {
|
|
|
|
|
view: (await req.form.page.view_users).map(x => {
|
|
|
|
|
return {username: x.uid, id: x.id, level: 'view'}
|
|
|
|
@ -34,10 +47,25 @@ class Sharing extends Controller {
|
|
|
|
|
}),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const public_user_can = async perm => PublicUserPermission.can(`page:${req.form.page.UUID}:${perm}`)
|
|
|
|
|
|
|
|
|
|
if ( await public_user_can('manage') ) {
|
|
|
|
|
data.manage.push({ username: '(Public Users)', public: true, id: '0', level: 'manage' })
|
|
|
|
|
} else if ( await public_user_can('update') ) {
|
|
|
|
|
data.update.push({ username: '(Public Users)', public: true, id: '0', level: 'update' })
|
|
|
|
|
} else if ( await public_user_can('view') ) {
|
|
|
|
|
data.view.push({ username: '(Public Users)', public: true, id: '0', level: 'view' })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.api(data)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async get_link(req, res) {
|
|
|
|
|
if ( req.query.public ) {
|
|
|
|
|
await req.form.page.share_public(req.user, req.form.level)
|
|
|
|
|
return res.api({})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const KeyAction = this.models.get('auth:KeyAction')
|
|
|
|
|
const in_1_week = new Date
|
|
|
|
|
in_1_week.setDate(in_1_week.getDate() + 7)
|
|
|
|
@ -57,6 +85,24 @@ class Sharing extends Controller {
|
|
|
|
|
return res.api({ link: action.auth_url() })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async permission_check(req, res) {
|
|
|
|
|
return res.api({
|
|
|
|
|
check: await req.user.can(req.form.permission),
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async permission_check_page(req, res) {
|
|
|
|
|
const Page = this.models.get('api:Page')
|
|
|
|
|
const page = await Page.findOne({
|
|
|
|
|
UUID: req.params.PageId,
|
|
|
|
|
Active: true,
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
return res.api({
|
|
|
|
|
check: page && (await page.is_accessible_by(req.user, req.params.level)),
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async accept_link(req, res) {
|
|
|
|
|
if ( !req.user ) return req.security.kickout()
|
|
|
|
|
const Page = this.models.get('api:Page')
|
|
|
|
|