From 96a29883cd9c3d961665fb9e51ac9ec1cb264caf Mon Sep 17 00:00:00 2001 From: Michael Shamoon <4887959+shamoon@users.noreply.github.com> Date: Sat, 12 Nov 2022 04:03:35 -0800 Subject: [PATCH] Refactor permissions to use enums, permissions service --- src-ui/src/app/app-routing.module.ts | 105 ++++++++++++++---- src-ui/src/app/app.component.ts | 20 +++- src-ui/src/app/app.module.ts | 4 +- .../app-frame/app-frame.component.html | 26 ++--- .../app-frame/app-frame.component.ts | 10 +- .../dashboard/dashboard.component.html | 2 +- .../dashboard/dashboard.component.ts | 7 +- .../saved-view-widget.component.html | 4 +- .../saved-view-widget.component.ts | 10 +- .../upload-file-widget.component.html | 4 +- .../upload-file-widget.component.ts | 10 +- .../document-comments.component.html | 4 +- .../document-comments.component.ts | 7 +- .../document-detail.component.html | 4 +- .../document-detail.component.ts | 16 ++- .../bulk-editor/bulk-editor.component.html | 4 +- .../bulk-editor/bulk-editor.component.ts | 7 +- .../document-card-large.component.html | 2 +- .../document-card-large.component.ts | 12 +- .../document-card-small.component.html | 2 +- .../document-card-small.component.ts | 10 +- .../document-list.component.html | 6 +- .../document-list/document-list.component.ts | 10 +- .../correspondent-list.component.ts | 3 +- .../document-type-list.component.ts | 3 +- .../management-list.component.html | 14 +-- .../management-list.component.ts | 9 +- .../manage/settings/settings.component.html | 4 +- .../manage/settings/settings.component.ts | 3 + .../storage-path-list.component.ts | 3 +- .../manage/tag-list/tag-list.component.ts | 3 +- .../manage/tasks/tasks.component.html | 8 +- .../manage/tasks/tasks.component.ts | 10 +- .../with-permissions.component.ts | 9 ++ .../directives/if-permissions.directive.ts | 16 ++- src-ui/src/app/guards/auth.gard.ts | 19 ---- src-ui/src/app/guards/permissions.guard.ts | 19 ++++ .../src/app/services/permissions.service.ts | 49 ++++++++ src-ui/src/app/services/settings.service.ts | 11 +- 39 files changed, 335 insertions(+), 134 deletions(-) create mode 100644 src-ui/src/app/components/with-permissions/with-permissions.component.ts delete mode 100644 src-ui/src/app/guards/auth.gard.ts create mode 100644 src-ui/src/app/guards/permissions.guard.ts create mode 100644 src-ui/src/app/services/permissions.service.ts diff --git a/src-ui/src/app/app-routing.module.ts b/src-ui/src/app/app-routing.module.ts index 297637aa4..211afc6ac 100644 --- a/src-ui/src/app/app-routing.module.ts +++ b/src-ui/src/app/app-routing.module.ts @@ -14,9 +14,13 @@ import { DocumentAsnComponent } from './components/document-asn/document-asn.com import { DirtyFormGuard } from './guards/dirty-form.guard' import { StoragePathListComponent } from './components/manage/storage-path-list/storage-path-list.component' import { TasksComponent } from './components/manage/tasks/tasks.component' -import { AuthGard } from './guards/auth.gard' +import { PermissionsGuard } from './guards/permissions.guard' import { DirtyDocGuard } from './guards/dirty-doc.guard' import { DirtySavedViewGuard } from './guards/dirty-saved-view.guard' +import { + PermissionAction, + PermissionType, +} from './services/permissions.service' const routes: Routes = [ { path: '', redirectTo: 'dashboard', pathMatch: 'full' }, @@ -30,70 +34,125 @@ const routes: Routes = [ path: 'documents', component: DocumentListComponent, canDeactivate: [DirtySavedViewGuard], - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_document' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Document, + }, + }, }, { path: 'view/:id', component: DocumentListComponent, canDeactivate: [DirtySavedViewGuard], - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_savedview' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.SavedView, + }, + }, }, { path: 'documents/:id', component: DocumentDetailComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_document' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Document, + }, + }, }, { path: 'asn/:id', component: DocumentAsnComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_document' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Document, + }, + }, }, { path: 'tags', component: TagListComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_tag' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Tag, + }, + }, }, { path: 'documenttypes', component: DocumentTypeListComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_documenttype' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.DocumentType, + }, + }, }, { path: 'correspondents', component: CorrespondentListComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_correspondent' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Correspondent, + }, + }, }, { path: 'storagepaths', component: StoragePathListComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_storagepath' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.StoragePath, + }, + }, }, { path: 'logs', component: LogsComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_log' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.Log, + }, + }, }, { path: 'settings', component: SettingsComponent, canDeactivate: [DirtyFormGuard], - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_uisettings' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.UISettings, + }, + }, }, { path: 'tasks', component: TasksComponent, - canActivate: [AuthGard], - data: { requiredPermission: 'documents.view_paperlesstask' }, + canActivate: [PermissionsGuard], + data: { + requiredPermission: { + action: PermissionAction.View, + type: PermissionType.PaperlessTask, + }, + }, }, ], }, diff --git a/src-ui/src/app/app.component.ts b/src-ui/src/app/app.component.ts index b07b0f35f..d0494aa59 100644 --- a/src-ui/src/app/app.component.ts +++ b/src-ui/src/app/app.component.ts @@ -9,6 +9,11 @@ import { NgxFileDropEntry } from 'ngx-file-drop' import { UploadDocumentsService } from './services/upload-documents.service' import { TasksService } from './services/tasks.service' import { TourService } from 'ngx-ui-tour-ng-bootstrap' +import { + PermissionAction, + PermissionsService, + PermissionType, +} from './services/permissions.service' @Component({ selector: 'app-root', @@ -32,7 +37,8 @@ export class AppComponent implements OnInit, OnDestroy { private uploadDocumentsService: UploadDocumentsService, private tasksService: TasksService, public tourService: TourService, - private renderer: Renderer2 + private renderer: Renderer2, + private permissionsService: PermissionsService ) { let anyWindow = window as any anyWindow.pdfWorkerSrc = 'assets/js/pdf.worker.min.js' @@ -74,7 +80,12 @@ export class AppComponent implements OnInit, OnDestroy { if ( this.showNotification(SETTINGS_KEYS.NOTIFICATIONS_CONSUMER_SUCCESS) ) { - if (this.settings.currentUserCan('documents.view_document')) { + if ( + this.permissionsService.currentUserCan({ + action: PermissionAction.View, + type: PermissionType.Document, + }) + ) { this.toastService.show({ title: $localize`Document added`, delay: 10000, @@ -209,7 +220,10 @@ export class AppComponent implements OnInit, OnDestroy { public get dragDropEnabled(): boolean { return ( !this.router.url.includes('dashboard') && - this.settings.currentUserCan('documents.add_document') + this.permissionsService.currentUserCan({ + action: PermissionAction.Add, + type: PermissionType.Document, + }) ) } diff --git a/src-ui/src/app/app.module.ts b/src-ui/src/app/app.module.ts index 9af4a581b..cf8fbba96 100644 --- a/src-ui/src/app/app.module.ts +++ b/src-ui/src/app/app.module.ts @@ -70,7 +70,7 @@ import { ColorSliderModule } from 'ngx-color/slider' import { ColorComponent } from './components/common/input/color/color.component' import { DocumentAsnComponent } from './components/document-asn/document-asn.component' import { DocumentCommentsComponent } from './components/document-comments/document-comments.component' -import { AuthGard } from './guards/auth.gard' +import { PermissionsGuard } from './guards/permissions.guard' import { DirtyDocGuard } from './guards/dirty-doc.guard' import { DirtySavedViewGuard } from './guards/dirty-saved-view.guard' import { StoragePathListComponent } from './components/manage/storage-path-list/storage-path-list.component' @@ -220,7 +220,7 @@ function initializeApp(settings: SettingsService) { DocumentTitlePipe, { provide: NgbDateAdapter, useClass: ISODateAdapter }, { provide: NgbDateParserFormatter, useClass: LocalizedDateParserFormatter }, - AuthGard, + PermissionsGuard, DirtyDocGuard, DirtySavedViewGuard, ], diff --git a/src-ui/src/app/components/app-frame/app-frame.component.html b/src-ui/src/app/components/app-frame/app-frame.component.html index 6ad83c9da..ab8b7f2a5 100644 --- a/src-ui/src/app/components/app-frame/app-frame.component.html +++ b/src-ui/src/app/components/app-frame/app-frame.component.html @@ -10,7 +10,7 @@ Paperless-ngx -
+
@@ -39,7 +39,7 @@

Logged in as {{this.settingsService.displayName}}

- + Settings @@ -72,7 +72,7 @@  Dashboard -
  • +
  • @@ -80,7 +80,7 @@
    • -
    +
    Saved views @@ -96,7 +96,7 @@
    -
    +
    Open documents
    @@ -127,35 +127,35 @@ Manage