backend/app/models/auth/User.model.js
garrettmills 572edda4ae
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing
Fix user permission grant issue
2021-03-16 16:50:01 -05:00

96 lines
3.1 KiB
JavaScript

const AuthUser = require('flitter-auth/model/User')
/*
* Auth user model. This inherits fields and methods from the default
* flitter-auth/model/User model, however you can override methods and
* properties here as you need.
*/
class User extends AuthUser {
static get services() {
return [...super.services, 'models']
}
static get schema() {
return {...super.schema, ...{
// other schema fields here
full_name: String,
preferences: {
dark_mode: { type: Boolean, default: false },
auto_prefetch: { type: Boolean, default: false },
default_page: String,
bookmark_page_ids: [String],
},
}}
}
async get_root_page() {
const Page = this.models.get('api:Page')
return Page.findOne({OrgUserId: this._id, ParentId: '0'})
}
async get_bookmarked_pages() {
const Page = this.models.get('api:Page')
const pages = await Page.find({ UUID: { $in: this.preferences.bookmark_page_ids || [] }})
const visible = []
for ( const page of pages ) {
if ( await page.is_accessible_by(this) ) {
visible.push(page)
}
}
return visible
}
async get_accessible_pages() {
const Page = this.models.get('api:Page')
const user_page = await this.get_root_page()
const user_pages = await user_page.visible_flat_children(this)
let view_pages = await Page.find({ shared_users_view: this._id })
for ( const page of view_pages ) {
view_pages = [...view_pages, ...(await page.visible_flat_children(this))]
}
let update_pages = await Page.find({ shared_users_update: this._id })
for ( const page of update_pages ) {
update_pages = [...update_pages, ...(await page.visible_flat_children(this))]
}
let manage_pages = await Page.find({ shared_users_manage: this._id })
for ( const page of manage_pages ) {
manage_pages = [...manage_pages, ...(await page.visible_flat_children(this))]
}
const all_pages = [...user_pages, ...view_pages, ...update_pages, ...manage_pages].filter(x => !x.virtual)
const uniq_page_obj = {}
for ( const page of all_pages ) {
uniq_page_obj[page.UUID] = page
}
return Object.values(uniq_page_obj)
}
// Other members and methods here
is_public_user() {
return false
}
async can(permission) {
if ( super.can(permission) ) return true
const PublicUserPermission = this.models.get('auth:PublicUserPermission')
return await PublicUserPermission.can(permission)
}
allow(permission, force = false){
// Need to check super.can, since this.can is async.
// This will exclude public user permissions, which is the behavior we want anyway.
if ( !super.can(permission) || (force && !this.permissions.includes(permission)) ) this.permissions.push(permission)
}
}
module.exports = exports = User