fix permission logic

Anton Tranelis 2024-07-24 15:16:40 +02:00
parent 02ffdcae22
commit 8dc8779fe5
3 changed files with 34 additions and 22 deletions


@ -83,7 +83,6 @@ export function ItemFormPopup(props: ItemFormPopupProps) {
}
else {
const item = items.find(i => i.user_created?.id === user?.id && i.layer?.itemType.name === props.layer.itemType.name);
console.log(item);
const uuid = crypto.randomUUID();
let success = false;


@ -91,7 +91,7 @@ export function HeaderView({ item, api, editCallback, deleteCallback, setPositio
</svg>
</label>
<ul tabIndex={0} className="tw-dropdown-content tw-menu tw-p-2 tw-shadow tw-bg-base-100 tw-rounded-box tw-z-1000">
{((api?.updateItem && hasUserPermission(api.collectionName!, "update", item)) || item.layer?.customEditLink) && editCallback && <li>
{((api?.updateItem && hasUserPermission(api.collectionName!, "update", item))) && editCallback && <li>
<a className="!tw-text-base-content tw-cursor-pointer" onClick={(e) => item.layer?.customEditLink ? navigate(`${item.layer.customEditLink}${item.layer.customEditParameter ? `/${getValue(item, item.layer.customEditParameter)}${params && "?"+params}` : ""} `) : editCallback(e)}>
<svg xmlns="http://www.w3.org/2000/svg" className="tw-h-5 tw-w-5" viewBox="0 0 20 20" fill="currentColor">
<path d="M13.586 3.586a2 2 0 112.828 2.828l-.793.793-2.828-2.828.793-.793zM11.379 5.793L3 14.172V17h2.828l8.38-8.379-2.83-2.828z" />
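Review bot: The narrowed condition only hides the menu entry; the `onClick` on the following line still navigates to `item.layer.customEditLink`, and a client-side route like that stays reachable by entering the URL directly. Unless it already does so (not visible here), the view behind that link should run the same `hasUserPermission(api.collectionName!, "update", item)` check, and the backend has to reject the write regardless of what the UI shows. As a style point, the doubled parentheses left over from the removed `||` can go: `{api?.updateItem && hasUserPermission(api.collectionName!, "update", item) && editCallback && <li>`. The surrounding `HeaderView` markup starts and ends outside the hunk.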


@ -63,33 +63,46 @@ function usePermissionsManager(initialPermissions: Permission[]): {
}, []);
const hasUserPermission = useCallback(
(collectionName: string, action: PermissionAction, item?: Item, layer?: LayerProps) => {
(
collectionName: string,
action: PermissionAction,
item?: Item,
layer?: LayerProps
) => {
const evaluateCondition = (condition: any) => {
if (condition.user_created?._eq === "$CURRENT_USER") {
return item?.user_created?.id === user?.id;
}
if (condition.public_edit?._eq === true) {
return item?.public_edit === true;
}
return false;
};
const evaluatePermissions = (permissionConditions: any) => {
return permissionConditions._and?.every((andCondition: any) =>
andCondition._or
? andCondition._or.some((orCondition: any) => evaluateCondition(orCondition))
: evaluateCondition(andCondition)
);
};
if (permissions.length === 0) return true;
else if (user && user.role === adminRole) return true;
else {
return permissions.some(p =>
p.action === action &&
p.collection === collectionName &&
p.role === user?.role &&
(
// Wenn 'item' nicht gesetzt ist, ignorieren wir die Überprüfung von 'user_created'
!item || !p.permissions || !p.permissions._and ||
p.permissions._and.some(condition =>
condition.user_created &&
condition.user_created._eq === "$CURRENT_USER" &&
item.user_created?.id === user?.id
)
)
||
(layer?.public_edit_items || item?.layer?.public_edit_items) &&
(
// Wenn 'item' nicht gesetzt ist, ignorieren wir die Überprüfung von 'public_edit'
!item ||
p.permissions?._and?.some(condition =>
condition.public_edit &&
condition.public_edit._eq == true &&
item.public_edit == true
)
(p.role === user?.role &&
(
!item || !p.permissions || evaluatePermissions(p.permissions)
)) ||
(p.role == null &&
(
(layer?.public_edit_items || item?.layer?.public_edit_items) &&
(!item || !p.permissions || evaluatePermissions(p.permissions))
))
)
);
}
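Review bot: `evaluateCondition` treats a visitor who is not logged in as the owner of any item that has no creator, because `item?.user_created?.id === user?.id` on the `$CURRENT_USER` branch compares `undefined` with `undefined` when both sides are empty. That matters for the `p.role == null` branch, which is the one that can match for users without a role. Require a real id first, e.g. `return user?.id != null && item?.user_created?.id === user.id;`. Separately, the unchanged `if (permissions.length === 0) return true;` allows every action while the permission list is empty, which presumably includes the time before it has loaded; a comment saying this is intentional and that the server enforces the same rules would help the next reader. The `useCallback` dependency list and the rest of `usePermissionsManager` are outside the hunk.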