github.com/demisto/mattermost-server@v4.9.0-rc3+incompatible/model/permission.go (about) 1 // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package model 5 6 const ( 7 PERMISSION_SCOPE_SYSTEM = "system_scope" 8 PERMISSION_SCOPE_TEAM = "team_scope" 9 PERMISSION_SCOPE_CHANNEL = "channel_scope" 10 ) 11 12 type Permission struct { 13 Id string `json:"id"` 14 Name string `json:"name"` 15 Description string `json:"description"` 16 Scope string `json:"scope"` 17 } 18 19 var PERMISSION_INVITE_USER *Permission 20 var PERMISSION_ADD_USER_TO_TEAM *Permission 21 var PERMISSION_USE_SLASH_COMMANDS *Permission 22 var PERMISSION_MANAGE_SLASH_COMMANDS *Permission 23 var PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS *Permission 24 var PERMISSION_CREATE_PUBLIC_CHANNEL *Permission 25 var PERMISSION_CREATE_PRIVATE_CHANNEL *Permission 26 var PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS *Permission 27 var PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS *Permission 28 var PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE *Permission 29 var PERMISSION_MANAGE_ROLES *Permission 30 var PERMISSION_MANAGE_TEAM_ROLES *Permission 31 var PERMISSION_MANAGE_CHANNEL_ROLES *Permission 32 var PERMISSION_CREATE_DIRECT_CHANNEL *Permission 33 var PERMISSION_CREATE_GROUP_CHANNEL *Permission 34 var PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES *Permission 35 var PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES *Permission 36 var PERMISSION_LIST_TEAM_CHANNELS *Permission 37 var PERMISSION_JOIN_PUBLIC_CHANNELS *Permission 38 var PERMISSION_DELETE_PUBLIC_CHANNEL *Permission 39 var PERMISSION_DELETE_PRIVATE_CHANNEL *Permission 40 var PERMISSION_EDIT_OTHER_USERS *Permission 41 var PERMISSION_READ_CHANNEL *Permission 42 var PERMISSION_READ_PUBLIC_CHANNEL *Permission 43 var PERMISSION_ADD_REACTION *Permission 44 var PERMISSION_REMOVE_REACTION *Permission 45 var PERMISSION_REMOVE_OTHERS_REACTIONS *Permission 46 var PERMISSION_PERMANENT_DELETE_USER *Permission 47 var PERMISSION_UPLOAD_FILE *Permission 48 var PERMISSION_GET_PUBLIC_LINK *Permission 49 var PERMISSION_MANAGE_WEBHOOKS *Permission 50 var PERMISSION_MANAGE_OTHERS_WEBHOOKS *Permission 51 var PERMISSION_MANAGE_OAUTH *Permission 52 var PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH *Permission 53 var PERMISSION_CREATE_POST *Permission 54 var PERMISSION_CREATE_POST_PUBLIC *Permission 55 var PERMISSION_EDIT_POST *Permission 56 var PERMISSION_EDIT_OTHERS_POSTS *Permission 57 var PERMISSION_DELETE_POST *Permission 58 var PERMISSION_DELETE_OTHERS_POSTS *Permission 59 var PERMISSION_REMOVE_USER_FROM_TEAM *Permission 60 var PERMISSION_CREATE_TEAM *Permission 61 var PERMISSION_MANAGE_TEAM *Permission 62 var PERMISSION_IMPORT_TEAM *Permission 63 var PERMISSION_VIEW_TEAM *Permission 64 var PERMISSION_LIST_USERS_WITHOUT_TEAM *Permission 65 var PERMISSION_MANAGE_JOBS *Permission 66 var PERMISSION_CREATE_USER_ACCESS_TOKEN *Permission 67 var PERMISSION_READ_USER_ACCESS_TOKEN *Permission 68 var PERMISSION_REVOKE_USER_ACCESS_TOKEN *Permission 69 70 // General permission that encompasses all system admin functions 71 // in the future this could be broken up to allow access to some 72 // admin functions but not others 73 var PERMISSION_MANAGE_SYSTEM *Permission 74 75 var ALL_PERMISSIONS []*Permission 76 77 func initializePermissions() { 78 PERMISSION_INVITE_USER = &Permission{ 79 "invite_user", 80 "authentication.permissions.team_invite_user.name", 81 "authentication.permissions.team_invite_user.description", 82 PERMISSION_SCOPE_TEAM, 83 } 84 PERMISSION_ADD_USER_TO_TEAM = &Permission{ 85 "add_user_to_team", 86 "authentication.permissions.add_user_to_team.name", 87 "authentication.permissions.add_user_to_team.description", 88 PERMISSION_SCOPE_TEAM, 89 } 90 PERMISSION_USE_SLASH_COMMANDS = &Permission{ 91 "use_slash_commands", 92 "authentication.permissions.team_use_slash_commands.name", 93 "authentication.permissions.team_use_slash_commands.description", 94 PERMISSION_SCOPE_CHANNEL, 95 } 96 PERMISSION_MANAGE_SLASH_COMMANDS = &Permission{ 97 "manage_slash_commands", 98 "authentication.permissions.manage_slash_commands.name", 99 "authentication.permissions.manage_slash_commands.description", 100 PERMISSION_SCOPE_TEAM, 101 } 102 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS = &Permission{ 103 "manage_others_slash_commands", 104 "authentication.permissions.manage_others_slash_commands.name", 105 "authentication.permissions.manage_others_slash_commands.description", 106 PERMISSION_SCOPE_TEAM, 107 } 108 PERMISSION_CREATE_PUBLIC_CHANNEL = &Permission{ 109 "create_public_channel", 110 "authentication.permissions.create_public_channel.name", 111 "authentication.permissions.create_public_channel.description", 112 PERMISSION_SCOPE_TEAM, 113 } 114 PERMISSION_CREATE_PRIVATE_CHANNEL = &Permission{ 115 "create_private_channel", 116 "authentication.permissions.create_private_channel.name", 117 "authentication.permissions.create_private_channel.description", 118 PERMISSION_SCOPE_TEAM, 119 } 120 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS = &Permission{ 121 "manage_public_channel_members", 122 "authentication.permissions.manage_public_channel_members.name", 123 "authentication.permissions.manage_public_channel_members.description", 124 PERMISSION_SCOPE_CHANNEL, 125 } 126 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS = &Permission{ 127 "manage_private_channel_members", 128 "authentication.permissions.manage_private_channel_members.name", 129 "authentication.permissions.manage_private_channel_members.description", 130 PERMISSION_SCOPE_CHANNEL, 131 } 132 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE = &Permission{ 133 "assign_system_admin_role", 134 "authentication.permissions.assign_system_admin_role.name", 135 "authentication.permissions.assign_system_admin_role.description", 136 PERMISSION_SCOPE_SYSTEM, 137 } 138 PERMISSION_MANAGE_ROLES = &Permission{ 139 "manage_roles", 140 "authentication.permissions.manage_roles.name", 141 "authentication.permissions.manage_roles.description", 142 PERMISSION_SCOPE_SYSTEM, 143 } 144 PERMISSION_MANAGE_TEAM_ROLES = &Permission{ 145 "manage_team_roles", 146 "authentication.permissions.manage_team_roles.name", 147 "authentication.permissions.manage_team_roles.description", 148 PERMISSION_SCOPE_TEAM, 149 } 150 PERMISSION_MANAGE_CHANNEL_ROLES = &Permission{ 151 "manage_channel_roles", 152 "authentication.permissions.manage_channel_roles.name", 153 "authentication.permissions.manage_channel_roles.description", 154 PERMISSION_SCOPE_CHANNEL, 155 } 156 PERMISSION_MANAGE_SYSTEM = &Permission{ 157 "manage_system", 158 "authentication.permissions.manage_system.name", 159 "authentication.permissions.manage_system.description", 160 PERMISSION_SCOPE_SYSTEM, 161 } 162 PERMISSION_CREATE_DIRECT_CHANNEL = &Permission{ 163 "create_direct_channel", 164 "authentication.permissions.create_direct_channel.name", 165 "authentication.permissions.create_direct_channel.description", 166 PERMISSION_SCOPE_SYSTEM, 167 } 168 PERMISSION_CREATE_GROUP_CHANNEL = &Permission{ 169 "create_group_channel", 170 "authentication.permissions.create_group_channel.name", 171 "authentication.permissions.create_group_channel.description", 172 PERMISSION_SCOPE_SYSTEM, 173 } 174 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES = &Permission{ 175 "manage_public_channel_properties", 176 "authentication.permissions.manage_public_channel_properties.name", 177 "authentication.permissions.manage_public_channel_properties.description", 178 PERMISSION_SCOPE_CHANNEL, 179 } 180 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES = &Permission{ 181 "manage_private_channel_properties", 182 "authentication.permissions.manage_private_channel_properties.name", 183 "authentication.permissions.manage_private_channel_properties.description", 184 PERMISSION_SCOPE_CHANNEL, 185 } 186 PERMISSION_LIST_TEAM_CHANNELS = &Permission{ 187 "list_team_channels", 188 "authentication.permissions.list_team_channels.name", 189 "authentication.permissions.list_team_channels.description", 190 PERMISSION_SCOPE_TEAM, 191 } 192 PERMISSION_JOIN_PUBLIC_CHANNELS = &Permission{ 193 "join_public_channels", 194 "authentication.permissions.join_public_channels.name", 195 "authentication.permissions.join_public_channels.description", 196 PERMISSION_SCOPE_TEAM, 197 } 198 PERMISSION_DELETE_PUBLIC_CHANNEL = &Permission{ 199 "delete_public_channel", 200 "authentication.permissions.delete_public_channel.name", 201 "authentication.permissions.delete_public_channel.description", 202 PERMISSION_SCOPE_CHANNEL, 203 } 204 PERMISSION_DELETE_PRIVATE_CHANNEL = &Permission{ 205 "delete_private_channel", 206 "authentication.permissions.delete_private_channel.name", 207 "authentication.permissions.delete_private_channel.description", 208 PERMISSION_SCOPE_CHANNEL, 209 } 210 PERMISSION_EDIT_OTHER_USERS = &Permission{ 211 "edit_other_users", 212 "authentication.permissions.edit_other_users.name", 213 "authentication.permissions.edit_other_users.description", 214 PERMISSION_SCOPE_SYSTEM, 215 } 216 PERMISSION_READ_CHANNEL = &Permission{ 217 "read_channel", 218 "authentication.permissions.read_channel.name", 219 "authentication.permissions.read_channel.description", 220 PERMISSION_SCOPE_CHANNEL, 221 } 222 PERMISSION_READ_PUBLIC_CHANNEL = &Permission{ 223 "read_public_channel", 224 "authentication.permissions.read_public_channel.name", 225 "authentication.permissions.read_public_channel.description", 226 PERMISSION_SCOPE_TEAM, 227 } 228 PERMISSION_ADD_REACTION = &Permission{ 229 "add_reaction", 230 "authentication.permissions.add_reaction.name", 231 "authentication.permissions.add_reaction.description", 232 PERMISSION_SCOPE_CHANNEL, 233 } 234 PERMISSION_REMOVE_REACTION = &Permission{ 235 "remove_reaction", 236 "authentication.permissions.remove_reaction.name", 237 "authentication.permissions.remove_reaction.description", 238 PERMISSION_SCOPE_CHANNEL, 239 } 240 PERMISSION_REMOVE_OTHERS_REACTIONS = &Permission{ 241 "remove_others_reactions", 242 "authentication.permissions.remove_others_reactions.name", 243 "authentication.permissions.remove_others_reactions.description", 244 PERMISSION_SCOPE_CHANNEL, 245 } 246 PERMISSION_PERMANENT_DELETE_USER = &Permission{ 247 "permanent_delete_user", 248 "authentication.permissions.permanent_delete_user.name", 249 "authentication.permissions.permanent_delete_user.description", 250 PERMISSION_SCOPE_SYSTEM, 251 } 252 PERMISSION_UPLOAD_FILE = &Permission{ 253 "upload_file", 254 "authentication.permissions.upload_file.name", 255 "authentication.permissions.upload_file.description", 256 PERMISSION_SCOPE_CHANNEL, 257 } 258 PERMISSION_GET_PUBLIC_LINK = &Permission{ 259 "get_public_link", 260 "authentication.permissions.get_public_link.name", 261 "authentication.permissions.get_public_link.description", 262 PERMISSION_SCOPE_SYSTEM, 263 } 264 PERMISSION_MANAGE_WEBHOOKS = &Permission{ 265 "manage_webhooks", 266 "authentication.permissions.manage_webhooks.name", 267 "authentication.permissions.manage_webhooks.description", 268 PERMISSION_SCOPE_TEAM, 269 } 270 PERMISSION_MANAGE_OTHERS_WEBHOOKS = &Permission{ 271 "manage_others_webhooks", 272 "authentication.permissions.manage_others_webhooks.name", 273 "authentication.permissions.manage_others_webhooks.description", 274 PERMISSION_SCOPE_TEAM, 275 } 276 PERMISSION_MANAGE_OAUTH = &Permission{ 277 "manage_oauth", 278 "authentication.permissions.manage_oauth.name", 279 "authentication.permissions.manage_oauth.description", 280 PERMISSION_SCOPE_SYSTEM, 281 } 282 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH = &Permission{ 283 "manage_system_wide_oauth", 284 "authentication.permissions.manage_system_wide_oauth.name", 285 "authentication.permissions.manage_system_wide_oauth.description", 286 PERMISSION_SCOPE_SYSTEM, 287 } 288 PERMISSION_CREATE_POST = &Permission{ 289 "create_post", 290 "authentication.permissions.create_post.name", 291 "authentication.permissions.create_post.description", 292 PERMISSION_SCOPE_CHANNEL, 293 } 294 PERMISSION_CREATE_POST_PUBLIC = &Permission{ 295 "create_post_public", 296 "authentication.permissions.create_post_public.name", 297 "authentication.permissions.create_post_public.description", 298 PERMISSION_SCOPE_CHANNEL, 299 } 300 PERMISSION_EDIT_POST = &Permission{ 301 "edit_post", 302 "authentication.permissions.edit_post.name", 303 "authentication.permissions.edit_post.description", 304 PERMISSION_SCOPE_CHANNEL, 305 } 306 PERMISSION_EDIT_OTHERS_POSTS = &Permission{ 307 "edit_others_posts", 308 "authentication.permissions.edit_others_posts.name", 309 "authentication.permissions.edit_others_posts.description", 310 PERMISSION_SCOPE_CHANNEL, 311 } 312 PERMISSION_DELETE_POST = &Permission{ 313 "delete_post", 314 "authentication.permissions.delete_post.name", 315 "authentication.permissions.delete_post.description", 316 PERMISSION_SCOPE_CHANNEL, 317 } 318 PERMISSION_DELETE_OTHERS_POSTS = &Permission{ 319 "delete_others_posts", 320 "authentication.permissions.delete_others_posts.name", 321 "authentication.permissions.delete_others_posts.description", 322 PERMISSION_SCOPE_CHANNEL, 323 } 324 PERMISSION_REMOVE_USER_FROM_TEAM = &Permission{ 325 "remove_user_from_team", 326 "authentication.permissions.remove_user_from_team.name", 327 "authentication.permissions.remove_user_from_team.description", 328 PERMISSION_SCOPE_TEAM, 329 } 330 PERMISSION_CREATE_TEAM = &Permission{ 331 "create_team", 332 "authentication.permissions.create_team.name", 333 "authentication.permissions.create_team.description", 334 PERMISSION_SCOPE_SYSTEM, 335 } 336 PERMISSION_MANAGE_TEAM = &Permission{ 337 "manage_team", 338 "authentication.permissions.manage_team.name", 339 "authentication.permissions.manage_team.description", 340 PERMISSION_SCOPE_TEAM, 341 } 342 PERMISSION_IMPORT_TEAM = &Permission{ 343 "import_team", 344 "authentication.permissions.import_team.name", 345 "authentication.permissions.import_team.description", 346 PERMISSION_SCOPE_TEAM, 347 } 348 PERMISSION_VIEW_TEAM = &Permission{ 349 "view_team", 350 "authentication.permissions.view_team.name", 351 "authentication.permissions.view_team.description", 352 PERMISSION_SCOPE_TEAM, 353 } 354 PERMISSION_LIST_USERS_WITHOUT_TEAM = &Permission{ 355 "list_users_without_team", 356 "authentication.permissions.list_users_without_team.name", 357 "authentication.permissions.list_users_without_team.description", 358 PERMISSION_SCOPE_SYSTEM, 359 } 360 PERMISSION_CREATE_USER_ACCESS_TOKEN = &Permission{ 361 "create_user_access_token", 362 "authentication.permissions.create_user_access_token.name", 363 "authentication.permissions.create_user_access_token.description", 364 PERMISSION_SCOPE_SYSTEM, 365 } 366 PERMISSION_READ_USER_ACCESS_TOKEN = &Permission{ 367 "read_user_access_token", 368 "authentication.permissions.read_user_access_token.name", 369 "authentication.permissions.read_user_access_token.description", 370 PERMISSION_SCOPE_SYSTEM, 371 } 372 PERMISSION_REVOKE_USER_ACCESS_TOKEN = &Permission{ 373 "revoke_user_access_token", 374 "authentication.permissions.revoke_user_access_token.name", 375 "authentication.permissions.revoke_user_access_token.description", 376 PERMISSION_SCOPE_SYSTEM, 377 } 378 PERMISSION_MANAGE_JOBS = &Permission{ 379 "manage_jobs", 380 "authentication.permisssions.manage_jobs.name", 381 "authentication.permisssions.manage_jobs.description", 382 PERMISSION_SCOPE_SYSTEM, 383 } 384 385 ALL_PERMISSIONS = []*Permission{ 386 PERMISSION_INVITE_USER, 387 PERMISSION_ADD_USER_TO_TEAM, 388 PERMISSION_USE_SLASH_COMMANDS, 389 PERMISSION_MANAGE_SLASH_COMMANDS, 390 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS, 391 PERMISSION_CREATE_PUBLIC_CHANNEL, 392 PERMISSION_CREATE_PRIVATE_CHANNEL, 393 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS, 394 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS, 395 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE, 396 PERMISSION_MANAGE_ROLES, 397 PERMISSION_MANAGE_TEAM_ROLES, 398 PERMISSION_MANAGE_CHANNEL_ROLES, 399 PERMISSION_CREATE_DIRECT_CHANNEL, 400 PERMISSION_CREATE_GROUP_CHANNEL, 401 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES, 402 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES, 403 PERMISSION_LIST_TEAM_CHANNELS, 404 PERMISSION_JOIN_PUBLIC_CHANNELS, 405 PERMISSION_DELETE_PUBLIC_CHANNEL, 406 PERMISSION_DELETE_PRIVATE_CHANNEL, 407 PERMISSION_EDIT_OTHER_USERS, 408 PERMISSION_READ_CHANNEL, 409 PERMISSION_READ_PUBLIC_CHANNEL, 410 PERMISSION_ADD_REACTION, 411 PERMISSION_REMOVE_REACTION, 412 PERMISSION_REMOVE_OTHERS_REACTIONS, 413 PERMISSION_PERMANENT_DELETE_USER, 414 PERMISSION_UPLOAD_FILE, 415 PERMISSION_GET_PUBLIC_LINK, 416 PERMISSION_MANAGE_WEBHOOKS, 417 PERMISSION_MANAGE_OTHERS_WEBHOOKS, 418 PERMISSION_MANAGE_OAUTH, 419 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH, 420 PERMISSION_CREATE_POST, 421 PERMISSION_CREATE_POST_PUBLIC, 422 PERMISSION_EDIT_POST, 423 PERMISSION_EDIT_OTHERS_POSTS, 424 PERMISSION_DELETE_POST, 425 PERMISSION_DELETE_OTHERS_POSTS, 426 PERMISSION_REMOVE_USER_FROM_TEAM, 427 PERMISSION_CREATE_TEAM, 428 PERMISSION_MANAGE_TEAM, 429 PERMISSION_IMPORT_TEAM, 430 PERMISSION_VIEW_TEAM, 431 PERMISSION_LIST_USERS_WITHOUT_TEAM, 432 PERMISSION_MANAGE_JOBS, 433 PERMISSION_CREATE_USER_ACCESS_TOKEN, 434 PERMISSION_READ_USER_ACCESS_TOKEN, 435 PERMISSION_REVOKE_USER_ACCESS_TOKEN, 436 PERMISSION_MANAGE_SYSTEM, 437 } 438 } 439 440 func init() { 441 initializePermissions() 442 }