diff options
| author | metamuffin <metamuffin@disroot.org> | 2023-10-04 20:41:59 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2023-10-04 20:41:59 +0200 |
| commit | 347274afb36e926b328e799ca8004fc874ffe4cb (patch) | |
| tree | 8c7ec38938e3673ce5752bffa9442daa9f589f3d /base | |
| parent | 4095a8804c17c3ec12706f00d3694f564afc0b95 (diff) | |
| download | jellything-347274afb36e926b328e799ca8004fc874ffe4cb.tar jellything-347274afb36e926b328e799ca8004fc874ffe4cb.tar.bz2 jellything-347274afb36e926b328e799ca8004fc874ffe4cb.tar.zst | |
more permission stuff
Diffstat (limited to 'base')
| -rw-r--r-- | base/src/permission.rs | 46 |
1 files changed, 40 insertions, 6 deletions
diff --git a/base/src/permission.rs b/base/src/permission.rs index 382a16e..cc0e32c 100644 --- a/base/src/permission.rs +++ b/base/src/permission.rs @@ -1,19 +1,24 @@ use crate::CONF; use anyhow::anyhow; -use jellycommon::user::{PermissionSet, UserPermission}; +use jellycommon::{ + user::{PermissionSet, UserPermission}, + Node, +}; pub trait PermissionSetExt { - fn check(&self, perm: &UserPermission) -> bool; + fn check_explicit(&self, perm: &UserPermission) -> Option<bool>; + fn check(&self, perm: &UserPermission) -> bool { + self.check_explicit(perm).unwrap_or(perm.default_value()) + } fn assert(&self, perm: &UserPermission) -> Result<(), anyhow::Error>; } impl PermissionSetExt for PermissionSet { - fn check(&self, perm: &UserPermission) -> bool { - *self - .0 + fn check_explicit(&self, perm: &UserPermission) -> Option<bool> { + self.0 .get(&perm) .or(CONF.default_permission_set.0.get(&perm)) - .unwrap_or(&perm.default_value()) + .map(|v| *v) } fn assert(&self, perm: &UserPermission) -> Result<(), anyhow::Error> { if self.check(perm) { @@ -25,3 +30,32 @@ impl PermissionSetExt for PermissionSet { } } } + +pub trait NodePermissionExt { + fn only_if_permitted(self, perms: &PermissionSet) -> Self; +} +impl NodePermissionExt for Option<Node> { + fn only_if_permitted(self, perms: &PermissionSet) -> Self { + self.and_then(|node| { + if check_node_permission(perms, &node) { + Some(node) + } else { + None + } + }) + } +} +fn check_node_permission(perms: &PermissionSet, node: &Node) -> bool { + if let Some(v) = + perms.check_explicit(&UserPermission::AccessNode(node.public.id.clone().unwrap())) + { + v + } else { + for com in node.public.path.clone().into_iter().rev() { + if let Some(v) = perms.check_explicit(&UserPermission::AccessNode(com.to_owned())) { + return v; + } + } + return false; + } +} |