github.com/gigforks/mattermost-server@v4.9.1-0.20180619094218-800d97fa55d0+incompatible/model/permission.go (about) 1 // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package model 5 6 const ( 7 PERMISSION_SCOPE_SYSTEM = "system_scope" 8 PERMISSION_SCOPE_TEAM = "team_scope" 9 PERMISSION_SCOPE_CHANNEL = "channel_scope" 10 ) 11 12 type Permission struct { 13 Id string `json:"id"` 14 Name string `json:"name"` 15 Description string `json:"description"` 16 Scope string `json:"scope"` 17 } 18 19 var PERMISSION_INVITE_USER *Permission 20 var PERMISSION_ADD_USER_TO_TEAM *Permission 21 var PERMISSION_USE_SLASH_COMMANDS *Permission 22 var PERMISSION_MANAGE_SLASH_COMMANDS *Permission 23 var PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS *Permission 24 var PERMISSION_CREATE_PUBLIC_CHANNEL *Permission 25 var PERMISSION_CREATE_PRIVATE_CHANNEL *Permission 26 var PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS *Permission 27 var PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS *Permission 28 var PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE *Permission 29 var PERMISSION_MANAGE_ROLES *Permission 30 var PERMISSION_MANAGE_TEAM_ROLES *Permission 31 var PERMISSION_MANAGE_CHANNEL_ROLES *Permission 32 var PERMISSION_CREATE_DIRECT_CHANNEL *Permission 33 var PERMISSION_CREATE_GROUP_CHANNEL *Permission 34 var PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES *Permission 35 var PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES *Permission 36 var PERMISSION_LIST_TEAM_CHANNELS *Permission 37 var PERMISSION_JOIN_PUBLIC_CHANNELS *Permission 38 var PERMISSION_DELETE_PUBLIC_CHANNEL *Permission 39 var PERMISSION_DELETE_PRIVATE_CHANNEL *Permission 40 var PERMISSION_EDIT_OTHER_USERS *Permission 41 var PERMISSION_READ_CHANNEL *Permission 42 var PERMISSION_READ_PUBLIC_CHANNEL *Permission 43 var PERMISSION_ADD_REACTION *Permission 44 var PERMISSION_REMOVE_REACTION *Permission 45 var PERMISSION_REMOVE_OTHERS_REACTIONS *Permission 46 var PERMISSION_PERMANENT_DELETE_USER *Permission 47 var PERMISSION_UPLOAD_FILE *Permission 48 var PERMISSION_GET_PUBLIC_LINK *Permission 49 var PERMISSION_MANAGE_WEBHOOKS *Permission 50 var PERMISSION_MANAGE_OTHERS_WEBHOOKS *Permission 51 var PERMISSION_MANAGE_OAUTH *Permission 52 var PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH *Permission 53 var PERMISSION_CREATE_POST *Permission 54 var PERMISSION_CREATE_POST_PUBLIC *Permission 55 var PERMISSION_CREATE_POST_EPHEMERAL *Permission 56 var PERMISSION_EDIT_POST *Permission 57 var PERMISSION_EDIT_OTHERS_POSTS *Permission 58 var PERMISSION_DELETE_POST *Permission 59 var PERMISSION_DELETE_OTHERS_POSTS *Permission 60 var PERMISSION_REMOVE_USER_FROM_TEAM *Permission 61 var PERMISSION_CREATE_TEAM *Permission 62 var PERMISSION_MANAGE_TEAM *Permission 63 var PERMISSION_IMPORT_TEAM *Permission 64 var PERMISSION_VIEW_TEAM *Permission 65 var PERMISSION_LIST_USERS_WITHOUT_TEAM *Permission 66 var PERMISSION_MANAGE_JOBS *Permission 67 var PERMISSION_CREATE_USER_ACCESS_TOKEN *Permission 68 var PERMISSION_READ_USER_ACCESS_TOKEN *Permission 69 var PERMISSION_REVOKE_USER_ACCESS_TOKEN *Permission 70 71 // General permission that encompasses all system admin functions 72 // in the future this could be broken up to allow access to some 73 // admin functions but not others 74 var PERMISSION_MANAGE_SYSTEM *Permission 75 76 var ALL_PERMISSIONS []*Permission 77 78 func initializePermissions() { 79 PERMISSION_INVITE_USER = &Permission{ 80 "invite_user", 81 "authentication.permissions.team_invite_user.name", 82 "authentication.permissions.team_invite_user.description", 83 PERMISSION_SCOPE_TEAM, 84 } 85 PERMISSION_ADD_USER_TO_TEAM = &Permission{ 86 "add_user_to_team", 87 "authentication.permissions.add_user_to_team.name", 88 "authentication.permissions.add_user_to_team.description", 89 PERMISSION_SCOPE_TEAM, 90 } 91 PERMISSION_USE_SLASH_COMMANDS = &Permission{ 92 "use_slash_commands", 93 "authentication.permissions.team_use_slash_commands.name", 94 "authentication.permissions.team_use_slash_commands.description", 95 PERMISSION_SCOPE_CHANNEL, 96 } 97 PERMISSION_MANAGE_SLASH_COMMANDS = &Permission{ 98 "manage_slash_commands", 99 "authentication.permissions.manage_slash_commands.name", 100 "authentication.permissions.manage_slash_commands.description", 101 PERMISSION_SCOPE_TEAM, 102 } 103 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS = &Permission{ 104 "manage_others_slash_commands", 105 "authentication.permissions.manage_others_slash_commands.name", 106 "authentication.permissions.manage_others_slash_commands.description", 107 PERMISSION_SCOPE_TEAM, 108 } 109 PERMISSION_CREATE_PUBLIC_CHANNEL = &Permission{ 110 "create_public_channel", 111 "authentication.permissions.create_public_channel.name", 112 "authentication.permissions.create_public_channel.description", 113 PERMISSION_SCOPE_TEAM, 114 } 115 PERMISSION_CREATE_PRIVATE_CHANNEL = &Permission{ 116 "create_private_channel", 117 "authentication.permissions.create_private_channel.name", 118 "authentication.permissions.create_private_channel.description", 119 PERMISSION_SCOPE_TEAM, 120 } 121 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS = &Permission{ 122 "manage_public_channel_members", 123 "authentication.permissions.manage_public_channel_members.name", 124 "authentication.permissions.manage_public_channel_members.description", 125 PERMISSION_SCOPE_CHANNEL, 126 } 127 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS = &Permission{ 128 "manage_private_channel_members", 129 "authentication.permissions.manage_private_channel_members.name", 130 "authentication.permissions.manage_private_channel_members.description", 131 PERMISSION_SCOPE_CHANNEL, 132 } 133 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE = &Permission{ 134 "assign_system_admin_role", 135 "authentication.permissions.assign_system_admin_role.name", 136 "authentication.permissions.assign_system_admin_role.description", 137 PERMISSION_SCOPE_SYSTEM, 138 } 139 PERMISSION_MANAGE_ROLES = &Permission{ 140 "manage_roles", 141 "authentication.permissions.manage_roles.name", 142 "authentication.permissions.manage_roles.description", 143 PERMISSION_SCOPE_SYSTEM, 144 } 145 PERMISSION_MANAGE_TEAM_ROLES = &Permission{ 146 "manage_team_roles", 147 "authentication.permissions.manage_team_roles.name", 148 "authentication.permissions.manage_team_roles.description", 149 PERMISSION_SCOPE_TEAM, 150 } 151 PERMISSION_MANAGE_CHANNEL_ROLES = &Permission{ 152 "manage_channel_roles", 153 "authentication.permissions.manage_channel_roles.name", 154 "authentication.permissions.manage_channel_roles.description", 155 PERMISSION_SCOPE_CHANNEL, 156 } 157 PERMISSION_MANAGE_SYSTEM = &Permission{ 158 "manage_system", 159 "authentication.permissions.manage_system.name", 160 "authentication.permissions.manage_system.description", 161 PERMISSION_SCOPE_SYSTEM, 162 } 163 PERMISSION_CREATE_DIRECT_CHANNEL = &Permission{ 164 "create_direct_channel", 165 "authentication.permissions.create_direct_channel.name", 166 "authentication.permissions.create_direct_channel.description", 167 PERMISSION_SCOPE_SYSTEM, 168 } 169 PERMISSION_CREATE_GROUP_CHANNEL = &Permission{ 170 "create_group_channel", 171 "authentication.permissions.create_group_channel.name", 172 "authentication.permissions.create_group_channel.description", 173 PERMISSION_SCOPE_SYSTEM, 174 } 175 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES = &Permission{ 176 "manage_public_channel_properties", 177 "authentication.permissions.manage_public_channel_properties.name", 178 "authentication.permissions.manage_public_channel_properties.description", 179 PERMISSION_SCOPE_CHANNEL, 180 } 181 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES = &Permission{ 182 "manage_private_channel_properties", 183 "authentication.permissions.manage_private_channel_properties.name", 184 "authentication.permissions.manage_private_channel_properties.description", 185 PERMISSION_SCOPE_CHANNEL, 186 } 187 PERMISSION_LIST_TEAM_CHANNELS = &Permission{ 188 "list_team_channels", 189 "authentication.permissions.list_team_channels.name", 190 "authentication.permissions.list_team_channels.description", 191 PERMISSION_SCOPE_TEAM, 192 } 193 PERMISSION_JOIN_PUBLIC_CHANNELS = &Permission{ 194 "join_public_channels", 195 "authentication.permissions.join_public_channels.name", 196 "authentication.permissions.join_public_channels.description", 197 PERMISSION_SCOPE_TEAM, 198 } 199 PERMISSION_DELETE_PUBLIC_CHANNEL = &Permission{ 200 "delete_public_channel", 201 "authentication.permissions.delete_public_channel.name", 202 "authentication.permissions.delete_public_channel.description", 203 PERMISSION_SCOPE_CHANNEL, 204 } 205 PERMISSION_DELETE_PRIVATE_CHANNEL = &Permission{ 206 "delete_private_channel", 207 "authentication.permissions.delete_private_channel.name", 208 "authentication.permissions.delete_private_channel.description", 209 PERMISSION_SCOPE_CHANNEL, 210 } 211 PERMISSION_EDIT_OTHER_USERS = &Permission{ 212 "edit_other_users", 213 "authentication.permissions.edit_other_users.name", 214 "authentication.permissions.edit_other_users.description", 215 PERMISSION_SCOPE_SYSTEM, 216 } 217 PERMISSION_READ_CHANNEL = &Permission{ 218 "read_channel", 219 "authentication.permissions.read_channel.name", 220 "authentication.permissions.read_channel.description", 221 PERMISSION_SCOPE_CHANNEL, 222 } 223 PERMISSION_READ_PUBLIC_CHANNEL = &Permission{ 224 "read_public_channel", 225 "authentication.permissions.read_public_channel.name", 226 "authentication.permissions.read_public_channel.description", 227 PERMISSION_SCOPE_TEAM, 228 } 229 PERMISSION_ADD_REACTION = &Permission{ 230 "add_reaction", 231 "authentication.permissions.add_reaction.name", 232 "authentication.permissions.add_reaction.description", 233 PERMISSION_SCOPE_CHANNEL, 234 } 235 PERMISSION_REMOVE_REACTION = &Permission{ 236 "remove_reaction", 237 "authentication.permissions.remove_reaction.name", 238 "authentication.permissions.remove_reaction.description", 239 PERMISSION_SCOPE_CHANNEL, 240 } 241 PERMISSION_REMOVE_OTHERS_REACTIONS = &Permission{ 242 "remove_others_reactions", 243 "authentication.permissions.remove_others_reactions.name", 244 "authentication.permissions.remove_others_reactions.description", 245 PERMISSION_SCOPE_CHANNEL, 246 } 247 PERMISSION_PERMANENT_DELETE_USER = &Permission{ 248 "permanent_delete_user", 249 "authentication.permissions.permanent_delete_user.name", 250 "authentication.permissions.permanent_delete_user.description", 251 PERMISSION_SCOPE_SYSTEM, 252 } 253 PERMISSION_UPLOAD_FILE = &Permission{ 254 "upload_file", 255 "authentication.permissions.upload_file.name", 256 "authentication.permissions.upload_file.description", 257 PERMISSION_SCOPE_CHANNEL, 258 } 259 PERMISSION_GET_PUBLIC_LINK = &Permission{ 260 "get_public_link", 261 "authentication.permissions.get_public_link.name", 262 "authentication.permissions.get_public_link.description", 263 PERMISSION_SCOPE_SYSTEM, 264 } 265 PERMISSION_MANAGE_WEBHOOKS = &Permission{ 266 "manage_webhooks", 267 "authentication.permissions.manage_webhooks.name", 268 "authentication.permissions.manage_webhooks.description", 269 PERMISSION_SCOPE_TEAM, 270 } 271 PERMISSION_MANAGE_OTHERS_WEBHOOKS = &Permission{ 272 "manage_others_webhooks", 273 "authentication.permissions.manage_others_webhooks.name", 274 "authentication.permissions.manage_others_webhooks.description", 275 PERMISSION_SCOPE_TEAM, 276 } 277 PERMISSION_MANAGE_OAUTH = &Permission{ 278 "manage_oauth", 279 "authentication.permissions.manage_oauth.name", 280 "authentication.permissions.manage_oauth.description", 281 PERMISSION_SCOPE_SYSTEM, 282 } 283 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH = &Permission{ 284 "manage_system_wide_oauth", 285 "authentication.permissions.manage_system_wide_oauth.name", 286 "authentication.permissions.manage_system_wide_oauth.description", 287 PERMISSION_SCOPE_SYSTEM, 288 } 289 PERMISSION_CREATE_POST = &Permission{ 290 "create_post", 291 "authentication.permissions.create_post.name", 292 "authentication.permissions.create_post.description", 293 PERMISSION_SCOPE_CHANNEL, 294 } 295 PERMISSION_CREATE_POST_PUBLIC = &Permission{ 296 "create_post_public", 297 "authentication.permissions.create_post_public.name", 298 "authentication.permissions.create_post_public.description", 299 PERMISSION_SCOPE_CHANNEL, 300 } 301 PERMISSION_CREATE_POST_EPHEMERAL = &Permission{ 302 "create_post_ephemeral", 303 "authentication.permissions.create_post_ephemeral.name", 304 "authentication.permissions.create_post_ephemeral.description", 305 PERMISSION_SCOPE_CHANNEL, 306 } 307 PERMISSION_EDIT_POST = &Permission{ 308 "edit_post", 309 "authentication.permissions.edit_post.name", 310 "authentication.permissions.edit_post.description", 311 PERMISSION_SCOPE_CHANNEL, 312 } 313 PERMISSION_EDIT_OTHERS_POSTS = &Permission{ 314 "edit_others_posts", 315 "authentication.permissions.edit_others_posts.name", 316 "authentication.permissions.edit_others_posts.description", 317 PERMISSION_SCOPE_CHANNEL, 318 } 319 PERMISSION_DELETE_POST = &Permission{ 320 "delete_post", 321 "authentication.permissions.delete_post.name", 322 "authentication.permissions.delete_post.description", 323 PERMISSION_SCOPE_CHANNEL, 324 } 325 PERMISSION_DELETE_OTHERS_POSTS = &Permission{ 326 "delete_others_posts", 327 "authentication.permissions.delete_others_posts.name", 328 "authentication.permissions.delete_others_posts.description", 329 PERMISSION_SCOPE_CHANNEL, 330 } 331 PERMISSION_REMOVE_USER_FROM_TEAM = &Permission{ 332 "remove_user_from_team", 333 "authentication.permissions.remove_user_from_team.name", 334 "authentication.permissions.remove_user_from_team.description", 335 PERMISSION_SCOPE_TEAM, 336 } 337 PERMISSION_CREATE_TEAM = &Permission{ 338 "create_team", 339 "authentication.permissions.create_team.name", 340 "authentication.permissions.create_team.description", 341 PERMISSION_SCOPE_SYSTEM, 342 } 343 PERMISSION_MANAGE_TEAM = &Permission{ 344 "manage_team", 345 "authentication.permissions.manage_team.name", 346 "authentication.permissions.manage_team.description", 347 PERMISSION_SCOPE_TEAM, 348 } 349 PERMISSION_IMPORT_TEAM = &Permission{ 350 "import_team", 351 "authentication.permissions.import_team.name", 352 "authentication.permissions.import_team.description", 353 PERMISSION_SCOPE_TEAM, 354 } 355 PERMISSION_VIEW_TEAM = &Permission{ 356 "view_team", 357 "authentication.permissions.view_team.name", 358 "authentication.permissions.view_team.description", 359 PERMISSION_SCOPE_TEAM, 360 } 361 PERMISSION_LIST_USERS_WITHOUT_TEAM = &Permission{ 362 "list_users_without_team", 363 "authentication.permissions.list_users_without_team.name", 364 "authentication.permissions.list_users_without_team.description", 365 PERMISSION_SCOPE_SYSTEM, 366 } 367 PERMISSION_CREATE_USER_ACCESS_TOKEN = &Permission{ 368 "create_user_access_token", 369 "authentication.permissions.create_user_access_token.name", 370 "authentication.permissions.create_user_access_token.description", 371 PERMISSION_SCOPE_SYSTEM, 372 } 373 PERMISSION_READ_USER_ACCESS_TOKEN = &Permission{ 374 "read_user_access_token", 375 "authentication.permissions.read_user_access_token.name", 376 "authentication.permissions.read_user_access_token.description", 377 PERMISSION_SCOPE_SYSTEM, 378 } 379 PERMISSION_REVOKE_USER_ACCESS_TOKEN = &Permission{ 380 "revoke_user_access_token", 381 "authentication.permissions.revoke_user_access_token.name", 382 "authentication.permissions.revoke_user_access_token.description", 383 PERMISSION_SCOPE_SYSTEM, 384 } 385 PERMISSION_MANAGE_JOBS = &Permission{ 386 "manage_jobs", 387 "authentication.permisssions.manage_jobs.name", 388 "authentication.permisssions.manage_jobs.description", 389 PERMISSION_SCOPE_SYSTEM, 390 } 391 392 ALL_PERMISSIONS = []*Permission{ 393 PERMISSION_INVITE_USER, 394 PERMISSION_ADD_USER_TO_TEAM, 395 PERMISSION_USE_SLASH_COMMANDS, 396 PERMISSION_MANAGE_SLASH_COMMANDS, 397 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS, 398 PERMISSION_CREATE_PUBLIC_CHANNEL, 399 PERMISSION_CREATE_PRIVATE_CHANNEL, 400 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS, 401 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS, 402 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE, 403 PERMISSION_MANAGE_ROLES, 404 PERMISSION_MANAGE_TEAM_ROLES, 405 PERMISSION_MANAGE_CHANNEL_ROLES, 406 PERMISSION_CREATE_DIRECT_CHANNEL, 407 PERMISSION_CREATE_GROUP_CHANNEL, 408 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES, 409 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES, 410 PERMISSION_LIST_TEAM_CHANNELS, 411 PERMISSION_JOIN_PUBLIC_CHANNELS, 412 PERMISSION_DELETE_PUBLIC_CHANNEL, 413 PERMISSION_DELETE_PRIVATE_CHANNEL, 414 PERMISSION_EDIT_OTHER_USERS, 415 PERMISSION_READ_CHANNEL, 416 PERMISSION_READ_PUBLIC_CHANNEL, 417 PERMISSION_ADD_REACTION, 418 PERMISSION_REMOVE_REACTION, 419 PERMISSION_REMOVE_OTHERS_REACTIONS, 420 PERMISSION_PERMANENT_DELETE_USER, 421 PERMISSION_UPLOAD_FILE, 422 PERMISSION_GET_PUBLIC_LINK, 423 PERMISSION_MANAGE_WEBHOOKS, 424 PERMISSION_MANAGE_OTHERS_WEBHOOKS, 425 PERMISSION_MANAGE_OAUTH, 426 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH, 427 PERMISSION_CREATE_POST, 428 PERMISSION_CREATE_POST_PUBLIC, 429 PERMISSION_CREATE_POST_EPHEMERAL, 430 PERMISSION_EDIT_POST, 431 PERMISSION_EDIT_OTHERS_POSTS, 432 PERMISSION_DELETE_POST, 433 PERMISSION_DELETE_OTHERS_POSTS, 434 PERMISSION_REMOVE_USER_FROM_TEAM, 435 PERMISSION_CREATE_TEAM, 436 PERMISSION_MANAGE_TEAM, 437 PERMISSION_IMPORT_TEAM, 438 PERMISSION_VIEW_TEAM, 439 PERMISSION_LIST_USERS_WITHOUT_TEAM, 440 PERMISSION_MANAGE_JOBS, 441 PERMISSION_CREATE_USER_ACCESS_TOKEN, 442 PERMISSION_READ_USER_ACCESS_TOKEN, 443 PERMISSION_REVOKE_USER_ACCESS_TOKEN, 444 PERMISSION_MANAGE_SYSTEM, 445 } 446 } 447 448 func init() { 449 initializePermissions() 450 }