Web:Client: move all check for access rights for Accounts into AccessRights store
This commit is contained in:
parent
b8314e86e1
commit
b12f039a84
@ -107,6 +107,7 @@ const Table = ({
|
||||
hasMoreAccounts,
|
||||
filterTotal,
|
||||
withPaging,
|
||||
canChangeUserType,
|
||||
}) => {
|
||||
const ref = useRef(null);
|
||||
|
||||
@ -156,6 +157,7 @@ const Table = ({
|
||||
isOwner={isOwner}
|
||||
changeUserType={changeType}
|
||||
userId={userId}
|
||||
canChangeUserType={canChangeUserType}
|
||||
/>
|
||||
))}
|
||||
</TableBody>
|
||||
@ -165,7 +167,7 @@ const Table = ({
|
||||
);
|
||||
};
|
||||
|
||||
export default inject(({ peopleStore, auth }) => {
|
||||
export default inject(({ peopleStore, auth, accessRights }) => {
|
||||
const {
|
||||
usersStore,
|
||||
filterStore,
|
||||
@ -180,6 +182,8 @@ export default inject(({ peopleStore, auth }) => {
|
||||
const { isVisible: infoPanelVisible } = auth.infoPanelStore;
|
||||
const { isAdmin, isOwner, id: userId } = auth.userStore.user;
|
||||
|
||||
const { canChangeUserType } = accessRights;
|
||||
|
||||
return {
|
||||
peopleList,
|
||||
viewAs,
|
||||
@ -195,5 +199,6 @@ export default inject(({ peopleStore, auth }) => {
|
||||
fetchMoreAccounts,
|
||||
hasMoreAccounts,
|
||||
filterTotal,
|
||||
canChangeUserType,
|
||||
};
|
||||
})(observer(Table));
|
||||
|
@ -129,14 +129,15 @@ const PeopleTableRow = (props) => {
|
||||
checkedProps,
|
||||
onContentRowSelect,
|
||||
onEmailClick,
|
||||
isAdmin,
|
||||
|
||||
isOwner,
|
||||
theme,
|
||||
changeUserType,
|
||||
userId,
|
||||
|
||||
setBufferSelection,
|
||||
isActive,
|
||||
isSeveralSelection,
|
||||
canChangeUserType,
|
||||
} = props;
|
||||
|
||||
const {
|
||||
@ -147,10 +148,7 @@ const PeopleTableRow = (props) => {
|
||||
position,
|
||||
rooms,
|
||||
|
||||
id,
|
||||
|
||||
role,
|
||||
|
||||
isVisitor,
|
||||
} = item;
|
||||
|
||||
@ -278,26 +276,9 @@ const PeopleTableRow = (props) => {
|
||||
</Text>
|
||||
);
|
||||
|
||||
if (userId === id || statusType === "disabled") return text;
|
||||
const canChange = canChangeUserType(item);
|
||||
|
||||
switch (role) {
|
||||
case "owner":
|
||||
return text;
|
||||
|
||||
case "admin":
|
||||
case "manager":
|
||||
if (isOwner) {
|
||||
return combobox;
|
||||
} else {
|
||||
return text;
|
||||
}
|
||||
|
||||
case "user":
|
||||
return combobox;
|
||||
|
||||
default:
|
||||
return text;
|
||||
}
|
||||
return canChange ? combobox : text;
|
||||
};
|
||||
|
||||
const typeCell = renderTypeCell();
|
||||
|
@ -163,7 +163,7 @@ const SectionHeaderContent = (props) => {
|
||||
setInfoPanelIsVisible,
|
||||
isInfoPanelVisible,
|
||||
isOwner,
|
||||
isAdmin,
|
||||
|
||||
setInvitePanelOptions,
|
||||
} = props;
|
||||
|
||||
|
@ -77,6 +77,7 @@ const InfoPanelBodyContent = ({
|
||||
isOwner: props.isOwner,
|
||||
isAdmin: props.isAdmin,
|
||||
changeUserType: props.changeUserType,
|
||||
canChangeUserType: props.canChangeUserType,
|
||||
},
|
||||
galleryProps: {
|
||||
getIcon,
|
||||
@ -229,6 +230,7 @@ export default inject(
|
||||
oformsStore,
|
||||
contextOptionsStore,
|
||||
peopleStore,
|
||||
accessRights,
|
||||
}) => {
|
||||
const { isOwner, isAdmin, id: selfId } = auth.userStore.user;
|
||||
const { personal, culture } = auth.settingsStore;
|
||||
@ -241,6 +243,7 @@ export default inject(
|
||||
const {
|
||||
getFilesContextOptions: getContextOptionActions,
|
||||
} = contextOptionsStore;
|
||||
const { canChangeUserType } = accessRights;
|
||||
|
||||
const {
|
||||
selection,
|
||||
@ -342,6 +345,7 @@ export default inject(
|
||||
gallerySelected,
|
||||
|
||||
isRootFolder,
|
||||
canChangeUserType,
|
||||
};
|
||||
}
|
||||
)(withRouter(observer(InfoPanelBodyContent)));
|
||||
|
@ -16,6 +16,7 @@ const Accounts = ({
|
||||
isOwner,
|
||||
isAdmin,
|
||||
changeUserType,
|
||||
canChangeUserType,
|
||||
selfId,
|
||||
}) => {
|
||||
const [statusLabel, setStatusLabel] = React.useState("");
|
||||
@ -126,26 +127,9 @@ const Accounts = ({
|
||||
|
||||
const status = getUserStatus(selection);
|
||||
|
||||
if (selfId === id || status === "disabled") return text;
|
||||
const canChange = canChangeUserType({ ...selection, statusType: status });
|
||||
|
||||
switch (role) {
|
||||
case "owner":
|
||||
return text;
|
||||
|
||||
case "admin":
|
||||
case "manager":
|
||||
if (isOwner) {
|
||||
return combobox;
|
||||
} else {
|
||||
return text;
|
||||
}
|
||||
|
||||
case "user":
|
||||
return combobox;
|
||||
|
||||
default:
|
||||
return text;
|
||||
}
|
||||
return canChange ? combobox : text;
|
||||
};
|
||||
|
||||
const typeData = renderTypeData();
|
||||
|
142
packages/client/src/store/AccessRights.js
Normal file
142
packages/client/src/store/AccessRights.js
Normal file
@ -0,0 +1,142 @@
|
||||
import { makeAutoObservable } from "mobx";
|
||||
|
||||
import {
|
||||
EmployeeActivationStatus,
|
||||
EmployeeStatus,
|
||||
} from "@docspace/common/constants";
|
||||
|
||||
class AccessRights {
|
||||
authStore = null;
|
||||
|
||||
constructor(authStore) {
|
||||
this.authStore = authStore;
|
||||
|
||||
makeAutoObservable(this);
|
||||
}
|
||||
|
||||
canChangeUserType = (user) => {
|
||||
const { id, isOwner } = this.authStore;
|
||||
|
||||
const { id: userId, statusType, role } = user;
|
||||
|
||||
if (userId === id || statusType === EmployeeStatus.Disabled) return text;
|
||||
|
||||
switch (role) {
|
||||
case "owner":
|
||||
return false;
|
||||
|
||||
case "admin":
|
||||
case "manager":
|
||||
if (isOwner) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
case "user":
|
||||
return true;
|
||||
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
};
|
||||
|
||||
canMakeEmployeeUser = (user) => {
|
||||
const { id, isOwner } = this.authStore;
|
||||
|
||||
const {
|
||||
status,
|
||||
id: userId,
|
||||
isAdmin: userIsAdmin,
|
||||
isOwner: userIsOwner,
|
||||
isVisitor: userIsVisitor,
|
||||
} = user;
|
||||
|
||||
const needMakeEmployee =
|
||||
status !== EmployeeStatus.Disabled && userId !== id;
|
||||
|
||||
if (isOwner) return needMakeEmployee;
|
||||
|
||||
return needMakeEmployee && !userIsAdmin && !userIsOwner && userIsVisitor;
|
||||
};
|
||||
|
||||
canActivateUser = (user) => {
|
||||
const { id, isOwner, isAdmin } = this.authStore;
|
||||
|
||||
const {
|
||||
status,
|
||||
id: userId,
|
||||
isAdmin: userIsAdmin,
|
||||
isOwner: userIsOwner,
|
||||
} = user;
|
||||
|
||||
const needActivate = status !== EmployeeStatus.Active && userId !== id;
|
||||
|
||||
if (isOwner) return needActivate;
|
||||
|
||||
if (isAdmin) return needActivate && !userIsAdmin && !userIsOwner;
|
||||
|
||||
return false;
|
||||
};
|
||||
|
||||
canDisableUser = (user) => {
|
||||
const { id, isOwner, isAdmin } = this.authStore;
|
||||
|
||||
const {
|
||||
status,
|
||||
id: userId,
|
||||
isAdmin: userIsAdmin,
|
||||
isOwner: userIsOwner,
|
||||
} = user;
|
||||
|
||||
const needDisable = status !== EmployeeStatus.Disabled && userId !== id;
|
||||
|
||||
if (isOwner) return needDisable;
|
||||
|
||||
if (isAdmin) return needDisable && !userIsAdmin && !userIsOwner;
|
||||
|
||||
return false;
|
||||
};
|
||||
|
||||
canInviteUser = (user) => {
|
||||
const { id, isOwner } = this.authStore;
|
||||
|
||||
const {
|
||||
activationStatus,
|
||||
status,
|
||||
id: userId,
|
||||
isAdmin: userIsAdmin,
|
||||
isOwner: userIsOwner,
|
||||
} = user;
|
||||
|
||||
const needInvite =
|
||||
activationStatus === EmployeeActivationStatus.Pending &&
|
||||
status === EmployeeStatus.Active &&
|
||||
userId !== id;
|
||||
|
||||
if (isOwner) return needInvite;
|
||||
|
||||
return needInvite && !userIsAdmin && !userIsOwner;
|
||||
};
|
||||
|
||||
canRemoveUser = (user) => {
|
||||
const { id, isOwner, isAdmin } = this.authStore;
|
||||
|
||||
const {
|
||||
status,
|
||||
id: userId,
|
||||
isAdmin: userIsAdmin,
|
||||
isOwner: userIsOwner,
|
||||
} = user;
|
||||
|
||||
const needRemove = status === EmployeeStatus.Disabled && userId !== id;
|
||||
|
||||
if (isOwner) return needRemove;
|
||||
|
||||
if (isAdmin) return needRemove && !userIsAdmin && !userIsOwner;
|
||||
|
||||
return false;
|
||||
};
|
||||
}
|
||||
|
||||
export default AccessRights;
|
@ -39,10 +39,11 @@ class PeopleStore {
|
||||
loadingStore = null;
|
||||
infoPanelStore = null;
|
||||
setupStore = null;
|
||||
accessRights = null;
|
||||
isInit = false;
|
||||
viewAs = isMobileRDD ? "row" : "table";
|
||||
|
||||
constructor(authStore, infoPanelStore, setupStore) {
|
||||
constructor(authStore, infoPanelStore, setupStore, accessRights) {
|
||||
this.authStore = authStore;
|
||||
this.groupsStore = new GroupsStore(this);
|
||||
this.usersStore = new UsersStore(this, authStore);
|
||||
@ -58,6 +59,7 @@ class PeopleStore {
|
||||
this.loadingStore = new LoadingStore();
|
||||
this.infoPanelStore = infoPanelStore;
|
||||
this.setupStore = setupStore;
|
||||
this.accessRights = accessRights;
|
||||
|
||||
this.contextOptionsStore = new AccountsContextOptionsStore(this);
|
||||
|
||||
|
@ -1,8 +1,5 @@
|
||||
import { makeAutoObservable } from "mobx";
|
||||
import {
|
||||
EmployeeStatus,
|
||||
EmployeeActivationStatus,
|
||||
} from "@docspace/common/constants";
|
||||
import { EmployeeStatus } from "@docspace/common/constants";
|
||||
import { getUserStatus } from "../helpers/people-helpers";
|
||||
|
||||
class SelectionStore {
|
||||
@ -102,47 +99,17 @@ class SelectionStore {
|
||||
}
|
||||
|
||||
get hasUsersToMakeEmployees() {
|
||||
const { id, isOwner } = this.peopleStore.authStore.userStore.user;
|
||||
const { canMakeEmployeeUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner &&
|
||||
x.isVisitor
|
||||
);
|
||||
const users = this.selection.filter((x) => canMakeEmployeeUser(x));
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
get getUsersToMakeEmployees() {
|
||||
const { id, isOwner } = this.peopleStore.authStore.userStore.user;
|
||||
const { canMakeEmployeeUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner &&
|
||||
x.isVisitor
|
||||
);
|
||||
const users = this.selection.filter((x) => canMakeEmployeeUser(x));
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
@ -156,211 +123,67 @@ class SelectionStore {
|
||||
}
|
||||
|
||||
get hasUsersToActivate() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canActivateUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Active && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canActivateUser(x));
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Active &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
get getUsersToActivate() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canActivateUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Active && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canActivateUser(x));
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Active &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
return [];
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
get hasUsersToDisable() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canDisableUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canDisableUser(x));
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
get getUsersToDisable() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canDisableUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status !== EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canDisableUser(x));
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status !== EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
return [];
|
||||
return users.map((u) => u);
|
||||
}
|
||||
|
||||
get hasUsersToInvite() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canInviteUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.activationStatus === EmployeeActivationStatus.Pending &&
|
||||
x.status === EmployeeStatus.Active &&
|
||||
x.id !== id
|
||||
);
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.activationStatus === EmployeeActivationStatus.Pending &&
|
||||
x.status === EmployeeStatus.Active &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
const users = this.selection.filter((x) => canInviteUser(x));
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
get getUsersToInviteIds() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canRemoveUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.activationStatus === EmployeeActivationStatus.Pending &&
|
||||
x.status === EmployeeStatus.Active &&
|
||||
x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canRemoveUser(x));
|
||||
|
||||
return users.map((u) => u.id);
|
||||
}
|
||||
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.activationStatus === EmployeeActivationStatus.Pending &&
|
||||
x.status === EmployeeStatus.Active &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.map((u) => u.id);
|
||||
return users.length > 0 ? users.map((u) => u.id) : false;
|
||||
}
|
||||
|
||||
get hasUsersToRemove() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canRemoveUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status === EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canRemoveUser(x));
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status === EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
return users.length > 0;
|
||||
}
|
||||
|
||||
get getUsersToRemoveIds() {
|
||||
const { id, isOwner, isAdmin } = this.peopleStore.authStore.userStore.user;
|
||||
const { canRemoveUser } = this.peopleStore.accessRights;
|
||||
|
||||
if (isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) => x.status === EmployeeStatus.Disabled && x.id !== id
|
||||
);
|
||||
const users = this.selection.filter((x) => canRemoveUser(x));
|
||||
|
||||
return users.map((u) => u.id);
|
||||
}
|
||||
|
||||
if (isAdmin && !isOwner) {
|
||||
const users = this.selection.filter(
|
||||
(x) =>
|
||||
x.status === EmployeeStatus.Disabled &&
|
||||
x.id !== id &&
|
||||
!x.isAdmin &&
|
||||
!x.isOwner
|
||||
);
|
||||
|
||||
return users.map((u) => u.id);
|
||||
}
|
||||
|
||||
return false;
|
||||
return users.length > 0 ? users : false;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -30,9 +30,12 @@ import selectFileDialogStore from "./SelectFileDialogStore";
|
||||
import TagsStore from "./TagsStore";
|
||||
import PeopleStore from "./PeopleStore";
|
||||
import OformsStore from "./OformsStore";
|
||||
import AccessRights from "./AccessRights";
|
||||
|
||||
const oformsStore = new OformsStore(authStore);
|
||||
|
||||
const accessRights = new AccessRights(authStore);
|
||||
|
||||
const paymentStore = new PaymentStore();
|
||||
const wizardStore = new WizardStore();
|
||||
const setupStore = new SettingsSetupStore();
|
||||
@ -46,7 +49,8 @@ const ssoStore = new SsoFormStore();
|
||||
const peopleStore = new PeopleStore(
|
||||
authStore,
|
||||
authStore.infoPanelStore,
|
||||
setupStore
|
||||
setupStore,
|
||||
accessRights
|
||||
);
|
||||
|
||||
const tagsStore = new TagsStore();
|
||||
@ -166,6 +170,8 @@ const store = {
|
||||
tagsStore,
|
||||
|
||||
peopleStore,
|
||||
|
||||
accessRights,
|
||||
};
|
||||
|
||||
export default store;
|
||||
|
Loading…
Reference in New Issue
Block a user