From b2f7a664c0eda14d9da729d44ba0c0ab99a189fb Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Tue, 27 Feb 2024 14:10:49 +0100 Subject: [PATCH 1/2] feat(Permissions): add method to check access for any node type Signed-off-by: Arthur Schiwon --- lib/AppInfo/Application.php | 3 +++ lib/Service/PermissionsService.php | 12 ++++++++++++ 2 files changed, 15 insertions(+) diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php index 3679992a9..05047f29a 100644 --- a/lib/AppInfo/Application.php +++ b/lib/AppInfo/Application.php @@ -26,6 +26,9 @@ class Application extends App implements IBootstrap { public const APP_ID = 'tables'; + public const NODE_TYPE_TABLE = 0; + public const NODE_TYPE_VIEW = 1; + public function __construct() { parent::__construct(self::APP_ID); } diff --git a/lib/Service/PermissionsService.php b/lib/Service/PermissionsService.php index 8b3c851de..989c463cf 100644 --- a/lib/Service/PermissionsService.php +++ b/lib/Service/PermissionsService.php @@ -2,6 +2,7 @@ namespace OCA\Tables\Service; +use OCA\Tables\AppInfo\Application; use OCA\Tables\Db\Share; use OCA\Tables\Db\ShareMapper; use OCA\Tables\Db\Table; @@ -95,6 +96,17 @@ public function canUpdateTable(Table $table, ?string $userId = null): bool { return $this->canManageTable($table, $userId); } + public function canAccessNodeById(int $nodeType, int $nodeId, ?string $userId = null): bool { + if ($nodeType === Application::NODE_TYPE_TABLE) { + return $this->canReadColumnsByTableId($nodeId, $this->userId); + } + if ($nodeType === Application::NODE_TYPE_VIEW) { + return $this->canReadColumnsByViewId($nodeId, $this->userId); + } + + return false; + } + public function canAccessView(View $view, ?string $userId = null): bool { if($this->basisCheck($view, 'view', $userId)) { return true; From 26096d5f948a3717681b4280a0d35c4fb1f5b4d9 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Tue, 27 Feb 2024 14:21:35 +0100 Subject: [PATCH 2/2] feat(Permissions): add method for manage perms on any node type Signed-off-by: Arthur Schiwon --- lib/Service/PermissionsService.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/Service/PermissionsService.php b/lib/Service/PermissionsService.php index 989c463cf..390011a3b 100644 --- a/lib/Service/PermissionsService.php +++ b/lib/Service/PermissionsService.php @@ -107,6 +107,17 @@ public function canAccessNodeById(int $nodeType, int $nodeId, ?string $userId = return false; } + public function canManageNodeById(int $nodeType, int $nodeId, ?string $userId = null): bool { + if ($nodeType === Application::NODE_TYPE_TABLE) { + return $this->canManageTableById($nodeId, $this->userId); + } + if ($nodeType === Application::NODE_TYPE_VIEW) { + return $this->canManageViewById($nodeId, $this->userId); + } + + return false; + } + public function canAccessView(View $view, ?string $userId = null): bool { if($this->basisCheck($view, 'view', $userId)) { return true; @@ -130,6 +141,7 @@ public function canAccessView(View $view, ?string $userId = null): bool { * @param string|null $userId * @return bool * @throws InternalError + * @note prefer canManageNodeById() */ public function canManageElementById(int $elementId, string $nodeType = 'table', ?string $userId = null): bool { if ($nodeType === 'table') {