github.com/levb/mattermost-server@v5.3.1+incompatible/model/permission.go (about) 1 // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package model 5 6 const ( 7 PERMISSION_SCOPE_SYSTEM = "system_scope" 8 PERMISSION_SCOPE_TEAM = "team_scope" 9 PERMISSION_SCOPE_CHANNEL = "channel_scope" 10 ) 11 12 type Permission struct { 13 Id string `json:"id"` 14 Name string `json:"name"` 15 Description string `json:"description"` 16 Scope string `json:"scope"` 17 } 18 19 var PERMISSION_INVITE_USER *Permission 20 var PERMISSION_ADD_USER_TO_TEAM *Permission 21 var PERMISSION_USE_SLASH_COMMANDS *Permission 22 var PERMISSION_MANAGE_SLASH_COMMANDS *Permission 23 var PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS *Permission 24 var PERMISSION_CREATE_PUBLIC_CHANNEL *Permission 25 var PERMISSION_CREATE_PRIVATE_CHANNEL *Permission 26 var PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS *Permission 27 var PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS *Permission 28 var PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE *Permission 29 var PERMISSION_MANAGE_ROLES *Permission 30 var PERMISSION_MANAGE_TEAM_ROLES *Permission 31 var PERMISSION_MANAGE_CHANNEL_ROLES *Permission 32 var PERMISSION_CREATE_DIRECT_CHANNEL *Permission 33 var PERMISSION_CREATE_GROUP_CHANNEL *Permission 34 var PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES *Permission 35 var PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES *Permission 36 var PERMISSION_LIST_TEAM_CHANNELS *Permission 37 var PERMISSION_JOIN_PUBLIC_CHANNELS *Permission 38 var PERMISSION_DELETE_PUBLIC_CHANNEL *Permission 39 var PERMISSION_DELETE_PRIVATE_CHANNEL *Permission 40 var PERMISSION_EDIT_OTHER_USERS *Permission 41 var PERMISSION_READ_CHANNEL *Permission 42 var PERMISSION_READ_PUBLIC_CHANNEL *Permission 43 var PERMISSION_ADD_REACTION *Permission 44 var PERMISSION_REMOVE_REACTION *Permission 45 var PERMISSION_REMOVE_OTHERS_REACTIONS *Permission 46 var PERMISSION_PERMANENT_DELETE_USER *Permission 47 var PERMISSION_UPLOAD_FILE *Permission 48 var PERMISSION_GET_PUBLIC_LINK *Permission 49 var PERMISSION_MANAGE_WEBHOOKS *Permission 50 var PERMISSION_MANAGE_OTHERS_WEBHOOKS *Permission 51 var PERMISSION_MANAGE_OAUTH *Permission 52 var PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH *Permission 53 var PERMISSION_MANAGE_EMOJIS *Permission 54 var PERMISSION_MANAGE_OTHERS_EMOJIS *Permission 55 var PERMISSION_CREATE_POST *Permission 56 var PERMISSION_CREATE_POST_PUBLIC *Permission 57 var PERMISSION_CREATE_POST_EPHEMERAL *Permission 58 var PERMISSION_EDIT_POST *Permission 59 var PERMISSION_EDIT_OTHERS_POSTS *Permission 60 var PERMISSION_DELETE_POST *Permission 61 var PERMISSION_DELETE_OTHERS_POSTS *Permission 62 var PERMISSION_REMOVE_USER_FROM_TEAM *Permission 63 var PERMISSION_CREATE_TEAM *Permission 64 var PERMISSION_MANAGE_TEAM *Permission 65 var PERMISSION_IMPORT_TEAM *Permission 66 var PERMISSION_VIEW_TEAM *Permission 67 var PERMISSION_LIST_USERS_WITHOUT_TEAM *Permission 68 var PERMISSION_MANAGE_JOBS *Permission 69 var PERMISSION_CREATE_USER_ACCESS_TOKEN *Permission 70 var PERMISSION_READ_USER_ACCESS_TOKEN *Permission 71 var PERMISSION_REVOKE_USER_ACCESS_TOKEN *Permission 72 73 // General permission that encompasses all system admin functions 74 // in the future this could be broken up to allow access to some 75 // admin functions but not others 76 var PERMISSION_MANAGE_SYSTEM *Permission 77 78 var ALL_PERMISSIONS []*Permission 79 80 func initializePermissions() { 81 PERMISSION_INVITE_USER = &Permission{ 82 "invite_user", 83 "authentication.permissions.team_invite_user.name", 84 "authentication.permissions.team_invite_user.description", 85 PERMISSION_SCOPE_TEAM, 86 } 87 PERMISSION_ADD_USER_TO_TEAM = &Permission{ 88 "add_user_to_team", 89 "authentication.permissions.add_user_to_team.name", 90 "authentication.permissions.add_user_to_team.description", 91 PERMISSION_SCOPE_TEAM, 92 } 93 PERMISSION_USE_SLASH_COMMANDS = &Permission{ 94 "use_slash_commands", 95 "authentication.permissions.team_use_slash_commands.name", 96 "authentication.permissions.team_use_slash_commands.description", 97 PERMISSION_SCOPE_CHANNEL, 98 } 99 PERMISSION_MANAGE_SLASH_COMMANDS = &Permission{ 100 "manage_slash_commands", 101 "authentication.permissions.manage_slash_commands.name", 102 "authentication.permissions.manage_slash_commands.description", 103 PERMISSION_SCOPE_TEAM, 104 } 105 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS = &Permission{ 106 "manage_others_slash_commands", 107 "authentication.permissions.manage_others_slash_commands.name", 108 "authentication.permissions.manage_others_slash_commands.description", 109 PERMISSION_SCOPE_TEAM, 110 } 111 PERMISSION_CREATE_PUBLIC_CHANNEL = &Permission{ 112 "create_public_channel", 113 "authentication.permissions.create_public_channel.name", 114 "authentication.permissions.create_public_channel.description", 115 PERMISSION_SCOPE_TEAM, 116 } 117 PERMISSION_CREATE_PRIVATE_CHANNEL = &Permission{ 118 "create_private_channel", 119 "authentication.permissions.create_private_channel.name", 120 "authentication.permissions.create_private_channel.description", 121 PERMISSION_SCOPE_TEAM, 122 } 123 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS = &Permission{ 124 "manage_public_channel_members", 125 "authentication.permissions.manage_public_channel_members.name", 126 "authentication.permissions.manage_public_channel_members.description", 127 PERMISSION_SCOPE_CHANNEL, 128 } 129 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS = &Permission{ 130 "manage_private_channel_members", 131 "authentication.permissions.manage_private_channel_members.name", 132 "authentication.permissions.manage_private_channel_members.description", 133 PERMISSION_SCOPE_CHANNEL, 134 } 135 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE = &Permission{ 136 "assign_system_admin_role", 137 "authentication.permissions.assign_system_admin_role.name", 138 "authentication.permissions.assign_system_admin_role.description", 139 PERMISSION_SCOPE_SYSTEM, 140 } 141 PERMISSION_MANAGE_ROLES = &Permission{ 142 "manage_roles", 143 "authentication.permissions.manage_roles.name", 144 "authentication.permissions.manage_roles.description", 145 PERMISSION_SCOPE_SYSTEM, 146 } 147 PERMISSION_MANAGE_TEAM_ROLES = &Permission{ 148 "manage_team_roles", 149 "authentication.permissions.manage_team_roles.name", 150 "authentication.permissions.manage_team_roles.description", 151 PERMISSION_SCOPE_TEAM, 152 } 153 PERMISSION_MANAGE_CHANNEL_ROLES = &Permission{ 154 "manage_channel_roles", 155 "authentication.permissions.manage_channel_roles.name", 156 "authentication.permissions.manage_channel_roles.description", 157 PERMISSION_SCOPE_CHANNEL, 158 } 159 PERMISSION_MANAGE_SYSTEM = &Permission{ 160 "manage_system", 161 "authentication.permissions.manage_system.name", 162 "authentication.permissions.manage_system.description", 163 PERMISSION_SCOPE_SYSTEM, 164 } 165 PERMISSION_CREATE_DIRECT_CHANNEL = &Permission{ 166 "create_direct_channel", 167 "authentication.permissions.create_direct_channel.name", 168 "authentication.permissions.create_direct_channel.description", 169 PERMISSION_SCOPE_SYSTEM, 170 } 171 PERMISSION_CREATE_GROUP_CHANNEL = &Permission{ 172 "create_group_channel", 173 "authentication.permissions.create_group_channel.name", 174 "authentication.permissions.create_group_channel.description", 175 PERMISSION_SCOPE_SYSTEM, 176 } 177 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES = &Permission{ 178 "manage_public_channel_properties", 179 "authentication.permissions.manage_public_channel_properties.name", 180 "authentication.permissions.manage_public_channel_properties.description", 181 PERMISSION_SCOPE_CHANNEL, 182 } 183 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES = &Permission{ 184 "manage_private_channel_properties", 185 "authentication.permissions.manage_private_channel_properties.name", 186 "authentication.permissions.manage_private_channel_properties.description", 187 PERMISSION_SCOPE_CHANNEL, 188 } 189 PERMISSION_LIST_TEAM_CHANNELS = &Permission{ 190 "list_team_channels", 191 "authentication.permissions.list_team_channels.name", 192 "authentication.permissions.list_team_channels.description", 193 PERMISSION_SCOPE_TEAM, 194 } 195 PERMISSION_JOIN_PUBLIC_CHANNELS = &Permission{ 196 "join_public_channels", 197 "authentication.permissions.join_public_channels.name", 198 "authentication.permissions.join_public_channels.description", 199 PERMISSION_SCOPE_TEAM, 200 } 201 PERMISSION_DELETE_PUBLIC_CHANNEL = &Permission{ 202 "delete_public_channel", 203 "authentication.permissions.delete_public_channel.name", 204 "authentication.permissions.delete_public_channel.description", 205 PERMISSION_SCOPE_CHANNEL, 206 } 207 PERMISSION_DELETE_PRIVATE_CHANNEL = &Permission{ 208 "delete_private_channel", 209 "authentication.permissions.delete_private_channel.name", 210 "authentication.permissions.delete_private_channel.description", 211 PERMISSION_SCOPE_CHANNEL, 212 } 213 PERMISSION_EDIT_OTHER_USERS = &Permission{ 214 "edit_other_users", 215 "authentication.permissions.edit_other_users.name", 216 "authentication.permissions.edit_other_users.description", 217 PERMISSION_SCOPE_SYSTEM, 218 } 219 PERMISSION_READ_CHANNEL = &Permission{ 220 "read_channel", 221 "authentication.permissions.read_channel.name", 222 "authentication.permissions.read_channel.description", 223 PERMISSION_SCOPE_CHANNEL, 224 } 225 PERMISSION_READ_PUBLIC_CHANNEL = &Permission{ 226 "read_public_channel", 227 "authentication.permissions.read_public_channel.name", 228 "authentication.permissions.read_public_channel.description", 229 PERMISSION_SCOPE_TEAM, 230 } 231 PERMISSION_ADD_REACTION = &Permission{ 232 "add_reaction", 233 "authentication.permissions.add_reaction.name", 234 "authentication.permissions.add_reaction.description", 235 PERMISSION_SCOPE_CHANNEL, 236 } 237 PERMISSION_REMOVE_REACTION = &Permission{ 238 "remove_reaction", 239 "authentication.permissions.remove_reaction.name", 240 "authentication.permissions.remove_reaction.description", 241 PERMISSION_SCOPE_CHANNEL, 242 } 243 PERMISSION_REMOVE_OTHERS_REACTIONS = &Permission{ 244 "remove_others_reactions", 245 "authentication.permissions.remove_others_reactions.name", 246 "authentication.permissions.remove_others_reactions.description", 247 PERMISSION_SCOPE_CHANNEL, 248 } 249 PERMISSION_PERMANENT_DELETE_USER = &Permission{ 250 "permanent_delete_user", 251 "authentication.permissions.permanent_delete_user.name", 252 "authentication.permissions.permanent_delete_user.description", 253 PERMISSION_SCOPE_SYSTEM, 254 } 255 PERMISSION_UPLOAD_FILE = &Permission{ 256 "upload_file", 257 "authentication.permissions.upload_file.name", 258 "authentication.permissions.upload_file.description", 259 PERMISSION_SCOPE_CHANNEL, 260 } 261 PERMISSION_GET_PUBLIC_LINK = &Permission{ 262 "get_public_link", 263 "authentication.permissions.get_public_link.name", 264 "authentication.permissions.get_public_link.description", 265 PERMISSION_SCOPE_SYSTEM, 266 } 267 PERMISSION_MANAGE_WEBHOOKS = &Permission{ 268 "manage_webhooks", 269 "authentication.permissions.manage_webhooks.name", 270 "authentication.permissions.manage_webhooks.description", 271 PERMISSION_SCOPE_TEAM, 272 } 273 PERMISSION_MANAGE_OTHERS_WEBHOOKS = &Permission{ 274 "manage_others_webhooks", 275 "authentication.permissions.manage_others_webhooks.name", 276 "authentication.permissions.manage_others_webhooks.description", 277 PERMISSION_SCOPE_TEAM, 278 } 279 PERMISSION_MANAGE_OAUTH = &Permission{ 280 "manage_oauth", 281 "authentication.permissions.manage_oauth.name", 282 "authentication.permissions.manage_oauth.description", 283 PERMISSION_SCOPE_SYSTEM, 284 } 285 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH = &Permission{ 286 "manage_system_wide_oauth", 287 "authentication.permissions.manage_system_wide_oauth.name", 288 "authentication.permissions.manage_system_wide_oauth.description", 289 PERMISSION_SCOPE_SYSTEM, 290 } 291 PERMISSION_MANAGE_EMOJIS = &Permission{ 292 "manage_emojis", 293 "authentication.permissions.manage_emojis.name", 294 "authentication.permissions.manage_emojis.description", 295 PERMISSION_SCOPE_TEAM, 296 } 297 PERMISSION_MANAGE_OTHERS_EMOJIS = &Permission{ 298 "manage_others_emojis", 299 "authentication.permissions.manage_others_emojis.name", 300 "authentication.permissions.manage_others_emojis.description", 301 PERMISSION_SCOPE_TEAM, 302 } 303 PERMISSION_CREATE_POST = &Permission{ 304 "create_post", 305 "authentication.permissions.create_post.name", 306 "authentication.permissions.create_post.description", 307 PERMISSION_SCOPE_CHANNEL, 308 } 309 PERMISSION_CREATE_POST_PUBLIC = &Permission{ 310 "create_post_public", 311 "authentication.permissions.create_post_public.name", 312 "authentication.permissions.create_post_public.description", 313 PERMISSION_SCOPE_CHANNEL, 314 } 315 PERMISSION_CREATE_POST_EPHEMERAL = &Permission{ 316 "create_post_ephemeral", 317 "authentication.permissions.create_post_ephemeral.name", 318 "authentication.permissions.create_post_ephemeral.description", 319 PERMISSION_SCOPE_CHANNEL, 320 } 321 PERMISSION_EDIT_POST = &Permission{ 322 "edit_post", 323 "authentication.permissions.edit_post.name", 324 "authentication.permissions.edit_post.description", 325 PERMISSION_SCOPE_CHANNEL, 326 } 327 PERMISSION_EDIT_OTHERS_POSTS = &Permission{ 328 "edit_others_posts", 329 "authentication.permissions.edit_others_posts.name", 330 "authentication.permissions.edit_others_posts.description", 331 PERMISSION_SCOPE_CHANNEL, 332 } 333 PERMISSION_DELETE_POST = &Permission{ 334 "delete_post", 335 "authentication.permissions.delete_post.name", 336 "authentication.permissions.delete_post.description", 337 PERMISSION_SCOPE_CHANNEL, 338 } 339 PERMISSION_DELETE_OTHERS_POSTS = &Permission{ 340 "delete_others_posts", 341 "authentication.permissions.delete_others_posts.name", 342 "authentication.permissions.delete_others_posts.description", 343 PERMISSION_SCOPE_CHANNEL, 344 } 345 PERMISSION_REMOVE_USER_FROM_TEAM = &Permission{ 346 "remove_user_from_team", 347 "authentication.permissions.remove_user_from_team.name", 348 "authentication.permissions.remove_user_from_team.description", 349 PERMISSION_SCOPE_TEAM, 350 } 351 PERMISSION_CREATE_TEAM = &Permission{ 352 "create_team", 353 "authentication.permissions.create_team.name", 354 "authentication.permissions.create_team.description", 355 PERMISSION_SCOPE_SYSTEM, 356 } 357 PERMISSION_MANAGE_TEAM = &Permission{ 358 "manage_team", 359 "authentication.permissions.manage_team.name", 360 "authentication.permissions.manage_team.description", 361 PERMISSION_SCOPE_TEAM, 362 } 363 PERMISSION_IMPORT_TEAM = &Permission{ 364 "import_team", 365 "authentication.permissions.import_team.name", 366 "authentication.permissions.import_team.description", 367 PERMISSION_SCOPE_TEAM, 368 } 369 PERMISSION_VIEW_TEAM = &Permission{ 370 "view_team", 371 "authentication.permissions.view_team.name", 372 "authentication.permissions.view_team.description", 373 PERMISSION_SCOPE_TEAM, 374 } 375 PERMISSION_LIST_USERS_WITHOUT_TEAM = &Permission{ 376 "list_users_without_team", 377 "authentication.permissions.list_users_without_team.name", 378 "authentication.permissions.list_users_without_team.description", 379 PERMISSION_SCOPE_SYSTEM, 380 } 381 PERMISSION_CREATE_USER_ACCESS_TOKEN = &Permission{ 382 "create_user_access_token", 383 "authentication.permissions.create_user_access_token.name", 384 "authentication.permissions.create_user_access_token.description", 385 PERMISSION_SCOPE_SYSTEM, 386 } 387 PERMISSION_READ_USER_ACCESS_TOKEN = &Permission{ 388 "read_user_access_token", 389 "authentication.permissions.read_user_access_token.name", 390 "authentication.permissions.read_user_access_token.description", 391 PERMISSION_SCOPE_SYSTEM, 392 } 393 PERMISSION_REVOKE_USER_ACCESS_TOKEN = &Permission{ 394 "revoke_user_access_token", 395 "authentication.permissions.revoke_user_access_token.name", 396 "authentication.permissions.revoke_user_access_token.description", 397 PERMISSION_SCOPE_SYSTEM, 398 } 399 PERMISSION_MANAGE_JOBS = &Permission{ 400 "manage_jobs", 401 "authentication.permisssions.manage_jobs.name", 402 "authentication.permisssions.manage_jobs.description", 403 PERMISSION_SCOPE_SYSTEM, 404 } 405 406 ALL_PERMISSIONS = []*Permission{ 407 PERMISSION_INVITE_USER, 408 PERMISSION_ADD_USER_TO_TEAM, 409 PERMISSION_USE_SLASH_COMMANDS, 410 PERMISSION_MANAGE_SLASH_COMMANDS, 411 PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS, 412 PERMISSION_CREATE_PUBLIC_CHANNEL, 413 PERMISSION_CREATE_PRIVATE_CHANNEL, 414 PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS, 415 PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS, 416 PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE, 417 PERMISSION_MANAGE_ROLES, 418 PERMISSION_MANAGE_TEAM_ROLES, 419 PERMISSION_MANAGE_CHANNEL_ROLES, 420 PERMISSION_CREATE_DIRECT_CHANNEL, 421 PERMISSION_CREATE_GROUP_CHANNEL, 422 PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES, 423 PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES, 424 PERMISSION_LIST_TEAM_CHANNELS, 425 PERMISSION_JOIN_PUBLIC_CHANNELS, 426 PERMISSION_DELETE_PUBLIC_CHANNEL, 427 PERMISSION_DELETE_PRIVATE_CHANNEL, 428 PERMISSION_EDIT_OTHER_USERS, 429 PERMISSION_READ_CHANNEL, 430 PERMISSION_READ_PUBLIC_CHANNEL, 431 PERMISSION_ADD_REACTION, 432 PERMISSION_REMOVE_REACTION, 433 PERMISSION_REMOVE_OTHERS_REACTIONS, 434 PERMISSION_PERMANENT_DELETE_USER, 435 PERMISSION_UPLOAD_FILE, 436 PERMISSION_GET_PUBLIC_LINK, 437 PERMISSION_MANAGE_WEBHOOKS, 438 PERMISSION_MANAGE_OTHERS_WEBHOOKS, 439 PERMISSION_MANAGE_OAUTH, 440 PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH, 441 PERMISSION_MANAGE_EMOJIS, 442 PERMISSION_MANAGE_OTHERS_EMOJIS, 443 PERMISSION_CREATE_POST, 444 PERMISSION_CREATE_POST_PUBLIC, 445 PERMISSION_CREATE_POST_EPHEMERAL, 446 PERMISSION_EDIT_POST, 447 PERMISSION_EDIT_OTHERS_POSTS, 448 PERMISSION_DELETE_POST, 449 PERMISSION_DELETE_OTHERS_POSTS, 450 PERMISSION_REMOVE_USER_FROM_TEAM, 451 PERMISSION_CREATE_TEAM, 452 PERMISSION_MANAGE_TEAM, 453 PERMISSION_IMPORT_TEAM, 454 PERMISSION_VIEW_TEAM, 455 PERMISSION_LIST_USERS_WITHOUT_TEAM, 456 PERMISSION_MANAGE_JOBS, 457 PERMISSION_CREATE_USER_ACCESS_TOKEN, 458 PERMISSION_READ_USER_ACCESS_TOKEN, 459 PERMISSION_REVOKE_USER_ACCESS_TOKEN, 460 PERMISSION_MANAGE_SYSTEM, 461 } 462 } 463 464 func init() { 465 initializePermissions() 466 }