Update label rights to return the max right
This commit is contained in:
parent
15a6c2bf8c
commit
d57f030687
|
@ -33,7 +33,7 @@ func (l *Label) CanDelete(a web.Auth) (bool, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// CanRead checks if a user can read a label
|
// CanRead checks if a user can read a label
|
||||||
func (l *Label) CanRead(a web.Auth) (bool, error) {
|
func (l *Label) CanRead(a web.Auth) (bool, int, error) {
|
||||||
return l.hasAccessToLabel(a)
|
return l.hasAccessToLabel(a)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -61,24 +61,37 @@ func (l *Label) isLabelOwner(a web.Auth) (bool, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Helper method to check if a user can see a specific label
|
// Helper method to check if a user can see a specific label
|
||||||
func (l *Label) hasAccessToLabel(a web.Auth) (bool, error) {
|
func (l *Label) hasAccessToLabel(a web.Auth) (has bool, maxRight int, err error) {
|
||||||
|
|
||||||
// TODO: add an extra check for link share handling
|
// TODO: add an extra check for link share handling
|
||||||
|
|
||||||
// Get all tasks
|
// Get all tasks
|
||||||
taskIDs, err := getUserTaskIDs(&user.User{ID: a.GetID()})
|
taskIDs, err := getUserTaskIDs(&user.User{ID: a.GetID()})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, 0, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get all labels associated with these tasks
|
// Get all labels associated with these tasks
|
||||||
var labels []*Label
|
ll := &LabelTask{}
|
||||||
has, err := x.Table("labels").
|
has, err = x.Table("labels").
|
||||||
Select("labels.*").
|
Select("labels_task.*").
|
||||||
Join("LEFT", "label_task", "label_task.label_id = labels.id").
|
Join("LEFT", "label_task", "label_task.label_id = labels.id").
|
||||||
Where("label_task.label_id is not null OR labels.created_by_id = ?", a.GetID()).
|
Where("label_task.label_id is not null OR labels.created_by_id = ?", a.GetID()).
|
||||||
Or(builder.In("label_task.task_id", taskIDs)).
|
Or(builder.In("label_task.task_id", taskIDs)).
|
||||||
And("labels.id = ?", l.ID).
|
And("labels.id = ?", l.ID).
|
||||||
Exist(&labels)
|
Exist(ll)
|
||||||
return has, err
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// Since the right depends on the task the label is associated with, we need to check that too.
|
||||||
|
if ll.TaskID > 0 {
|
||||||
|
t := &Task{ID: ll.TaskID}
|
||||||
|
_, maxRight, err = t.CanRead(a)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -291,7 +291,7 @@ func (t *Task) updateTaskLabels(creator web.Auth, labels []*Label) (err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user has the rights to see the label he is about to add
|
// Check if the user has the rights to see the label he is about to add
|
||||||
hasAccessToLabel, err := label.hasAccessToLabel(creator)
|
hasAccessToLabel, _, err := label.hasAccessToLabel(creator)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,7 +27,7 @@ func (lt *LabelTask) CanCreate(a web.Auth) (bool, error) {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
hasAccessTolabel, err := label.hasAccessToLabel(a)
|
hasAccessTolabel, _, err := label.hasAccessToLabel(a)
|
||||||
if err != nil || !hasAccessTolabel { // If the user doesn't have access to the label, we can error out here
|
if err != nil || !hasAccessTolabel { // If the user doesn't have access to the label, we can error out here
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue