github.com/Azareal/Gosora@v0.0.0-20210729070923-553e66b59003/common/permissions.go

github.com/Azareal/Gosora@v0.0.0-20210729070923-553e66b59003/common/permissions.go (about)

     1  package common
     2  
     3  import (
     4  	"encoding/json"
     5  	"log"
     6  
     7  	"github.com/Azareal/Gosora/common/phrases"
     8  	qgen "github.com/Azareal/Gosora/query_gen"
     9  )
    10  
    11  // TODO: Refactor the perms system
    12  var BlankPerms Perms
    13  var GuestPerms Perms
    14  
    15  // AllPerms is a set of global permissions with everything set to true
    16  var AllPerms Perms
    17  var AllPluginPerms = make(map[string]bool)
    18  
    19  // ? - Can we avoid duplicating the items in this list in a bunch of places?
    20  var GlobalPermList = []string{
    21  	"BanUsers",
    22  	"ActivateUsers",
    23  	"EditUser",
    24  	"EditUserEmail",
    25  	"EditUserPassword",
    26  	"EditUserGroup",
    27  	"EditUserGroupSuperMod",
    28  	"EditUserGroupAdmin",
    29  	"EditGroup",
    30  	"EditGroupLocalPerms",
    31  	"EditGroupGlobalPerms",
    32  	"EditGroupSuperMod",
    33  	"EditGroupAdmin",
    34  	"ManageForums",
    35  	"EditSettings",
    36  	"ManageThemes",
    37  	"ManagePlugins",
    38  	"ViewAdminLogs",
    39  	"ViewIPs",
    40  	"UploadFiles",
    41  	"UploadAvatars",
    42  	"UseConvos",
    43  	"UseConvosOnlyWithMod",
    44  	"CreateProfileReply",
    45  	"AutoEmbed",
    46  	"AutoLink",
    47  }
    48  
    49  // Permission Structure: ActionComponent[Subcomponent]Flag
    50  type Perms struct {
    51  	// Global Permissions
    52  	BanUsers              bool `json:",omitempty"`
    53  	ActivateUsers         bool `json:",omitempty"`
    54  	EditUser              bool `json:",omitempty"`
    55  	EditUserEmail         bool `json:",omitempty"`
    56  	EditUserPassword      bool `json:",omitempty"`
    57  	EditUserGroup         bool `json:",omitempty"`
    58  	EditUserGroupSuperMod bool `json:",omitempty"`
    59  	EditUserGroupAdmin    bool `json:",omitempty"`
    60  	EditGroup             bool `json:",omitempty"`
    61  	EditGroupLocalPerms   bool `json:",omitempty"`
    62  	EditGroupGlobalPerms  bool `json:",omitempty"`
    63  	EditGroupSuperMod     bool `json:",omitempty"`
    64  	EditGroupAdmin        bool `json:",omitempty"`
    65  	ManageForums          bool `json:",omitempty"` // This could be local, albeit limited for per-forum managers?
    66  	EditSettings          bool `json:",omitempty"`
    67  	ManageThemes          bool `json:",omitempty"`
    68  	ManagePlugins         bool `json:",omitempty"`
    69  	ViewAdminLogs         bool `json:",omitempty"`
    70  	ViewIPs               bool `json:",omitempty"`
    71  
    72  	// Global non-staff permissions
    73  	UploadFiles          bool `json:",omitempty"`
    74  	UploadAvatars        bool `json:",omitempty"`
    75  	UseConvos            bool `json:",omitempty"`
    76  	UseConvosOnlyWithMod bool `json:",omitempty"`
    77  	CreateProfileReply   bool `json:",omitempty"`
    78  	AutoEmbed            bool `json:",omitempty"`
    79  	AutoLink             bool `json:",omitempty"`
    80  
    81  	// Forum permissions
    82  	ViewTopic bool `json:",omitempty"`
    83  	//ViewOwnTopic bool `json:",omitempty"`
    84  	LikeItem    bool `json:",omitempty"`
    85  	CreateTopic bool `json:",omitempty"`
    86  	EditTopic   bool `json:",omitempty"`
    87  	DeleteTopic bool `json:",omitempty"`
    88  	CreateReply bool `json:",omitempty"`
    89  	//CreateReplyToOwn bool `json:",omitempty"`
    90  	EditReply bool `json:",omitempty"`
    91  	//EditOwnReply bool `json:",omitempty"`
    92  	DeleteReply bool `json:",omitempty"`
    93  	//DeleteOwnReply bool `json:",omitempty"`
    94  	PinTopic   bool `json:",omitempty"`
    95  	CloseTopic bool `json:",omitempty"`
    96  	//CloseOwnTopic bool `json:",omitempty"`
    97  	MoveTopic bool `json:",omitempty"`
    98  
    99  	//ExtData map[string]bool `json:",omitempty"`
   100  }
   101  
   102  func init() {
   103  	BlankPerms = Perms{
   104  		//ExtData: make(map[string]bool),
   105  	}
   106  
   107  	GuestPerms = Perms{
   108  		ViewTopic: true,
   109  		//ExtData: make(map[string]bool),
   110  	}
   111  
   112  	AllPerms = Perms{
   113  		BanUsers:              true,
   114  		ActivateUsers:         true,
   115  		EditUser:              true,
   116  		EditUserEmail:         true,
   117  		EditUserPassword:      true,
   118  		EditUserGroup:         true,
   119  		EditUserGroupSuperMod: true,
   120  		EditUserGroupAdmin:    true,
   121  		EditGroup:             true,
   122  		EditGroupLocalPerms:   true,
   123  		EditGroupGlobalPerms:  true,
   124  		EditGroupSuperMod:     true,
   125  		EditGroupAdmin:        true,
   126  		ManageForums:          true,
   127  		EditSettings:          true,
   128  		ManageThemes:          true,
   129  		ManagePlugins:         true,
   130  		ViewAdminLogs:         true,
   131  		ViewIPs:               true,
   132  
   133  		UploadFiles:          true,
   134  		UploadAvatars:        true,
   135  		UseConvos:            true,
   136  		UseConvosOnlyWithMod: true,
   137  		CreateProfileReply:   true,
   138  		AutoEmbed:            true,
   139  		AutoLink:             true,
   140  
   141  		ViewTopic:   true,
   142  		LikeItem:    true,
   143  		CreateTopic: true,
   144  		EditTopic:   true,
   145  		DeleteTopic: true,
   146  		CreateReply: true,
   147  		EditReply:   true,
   148  		DeleteReply: true,
   149  		PinTopic:    true,
   150  		CloseTopic:  true,
   151  		MoveTopic:   true,
   152  
   153  		//ExtData: make(map[string]bool),
   154  	}
   155  
   156  	GuestUser.Perms = GuestPerms
   157  	DebugLogf("Guest Perms: %+v\n", GuestPerms)
   158  	DebugLogf("All Perms: %+v\n", AllPerms)
   159  }
   160  
   161  func StripInvalidGroupForumPreset(preset string) string {
   162  	switch preset {
   163  	case "read_only", "can_post", "can_moderate", "no_access", "default", "custom":
   164  		return preset
   165  	}
   166  	return ""
   167  }
   168  
   169  func StripInvalidPreset(preset string) string {
   170  	switch preset {
   171  	case "all", "announce", "members", "staff", "admins", "archive", "custom":
   172  		return preset
   173  	}
   174  	return ""
   175  }
   176  
   177  // TODO: Move this into the phrase system?
   178  func PresetToLang(preset string) string {
   179  	phrases := phrases.GetAllPermPresets()
   180  	phrase, ok := phrases[preset]
   181  	if !ok {
   182  		phrase = phrases["unknown"]
   183  	}
   184  	return phrase
   185  }
   186  
   187  // TODO: Is this racey?
   188  // TODO: Test this along with the rest of the perms system
   189  func RebuildGroupPermissions(g *Group) error {
   190  	var permstr []byte
   191  	log.Print("Reloading a group")
   192  
   193  	// TODO: Avoid re-initting this all the time
   194  	getGroupPerms, e := qgen.Builder.SimpleSelect("users_groups", "permissions", "gid=?", "", "")
   195  	if e != nil {
   196  		return e
   197  	}
   198  	defer getGroupPerms.Close()
   199  
   200  	e = getGroupPerms.QueryRow(g.ID).Scan(&permstr)
   201  	if e != nil {
   202  		return e
   203  	}
   204  
   205  	tmpPerms := Perms{
   206  		//ExtData: make(map[string]bool),
   207  	}
   208  	e = json.Unmarshal(permstr, &tmpPerms)
   209  	if e != nil {
   210  		return e
   211  	}
   212  	g.Perms = tmpPerms
   213  	return nil
   214  }
   215  
   216  func OverridePerms(p *Perms, status bool) {
   217  	if status {
   218  		*p = AllPerms
   219  	} else {
   220  		*p = BlankPerms
   221  	}
   222  }
   223  
   224  // TODO: We need a better way of overriding forum perms rather than setting them one by one
   225  func OverrideForumPerms(p *Perms, status bool) {
   226  	p.ViewTopic = status
   227  	p.LikeItem = status
   228  	p.CreateTopic = status
   229  	p.EditTopic = status
   230  	p.DeleteTopic = status
   231  	p.CreateReply = status
   232  	p.EditReply = status
   233  	p.DeleteReply = status
   234  	p.PinTopic = status
   235  	p.CloseTopic = status
   236  	p.MoveTopic = status
   237  }
   238  
   239  func RegisterPluginPerm(name string) {
   240  	AllPluginPerms[name] = true
   241  }
   242  
   243  func DeregisterPluginPerm(name string) {
   244  	delete(AllPluginPerms, name)
   245  }