diff --git a/codegen.sh b/codegen.sh index 74c713a2e..92bbedb61 100755 --- a/codegen.sh +++ b/codegen.sh @@ -22,9 +22,9 @@ function permissions { CGO_ENABLED=0 go build -o ./build/gen-permissions codegen/v2/permissions.go fi - ./build/gen-permissions -package types -function "func (c *Organisation) Permissions() []rules.OperationGroup" -input messaging/types/permissions/1-organisation.json -output messaging/types/organisation.perms.gen.go - ./build/gen-permissions -package types -function "func (c *Team) Permissions() []rules.OperationGroup" -input messaging/types/permissions/2-team.json -output messaging/types/team.perms.gen.go - ./build/gen-permissions -package types -function "func (c *Channel) Permissions() []rules.OperationGroup" -input messaging/types/permissions/3-channel.json -output messaging/types/channel.perms.gen.go + ./build/gen-permissions -package types -object-name Organisation -input messaging/types/permissions/1-organisation.json -output messaging/types/organisation.perms.gen.go + ./build/gen-permissions -package types -object-name Team -input messaging/types/permissions/2-team.json -output messaging/types/team.perms.gen.go + ./build/gen-permissions -package types -object-name Channel -input messaging/types/permissions/3-channel.json -output messaging/types/channel.perms.gen.go green "OK" } diff --git a/codegen/v2/permissions.go b/codegen/v2/permissions.go index a52071c97..633adc1c0 100644 --- a/codegen/v2/permissions.go +++ b/codegen/v2/permissions.go @@ -17,23 +17,43 @@ import ( func main() { var ( - pkg = flag.String("package", "main", "Package name") - input = flag.String("input", "", "Input .json filename") - output = flag.String("output", "", "Output .go filename") - fname = flag.String("function", "func Permissions() []rules.OperationGroup", "Default function declaration") + pkg = flag.String("package", "main", "Package name") + input = flag.String("input", "", "Input .json filename") + output = flag.String("output", "", "Output .go filename") + objectName = flag.String("object-name", "c Permissions() []rules.OperationGroup", "Default function declaration") ) flag.Parse() - export := func(s string) []byte { - s = strings.Replace(s, "true,", "true,\n", -1) - s = strings.Replace(s, "false,", "false,\n", -1) - s = strings.Replace(s, "{", "{\n", -1) - s = strings.Replace(s, "}", ",\n}", -1) - s = strings.Replace(s, "\", ", "\",\n", -1) + var ( + fnPermissions = fmt.Sprintf("func (*%s) Permissions() []rules.OperationGroup", *objectName) + fnPermissionDefault = fmt.Sprintf("func (*%s) PermissionDefault(key string) rules.Access", *objectName) + ) - s = strings.Replace(s, "Default:2,", "Default: rules.Allow,", -1) - s = strings.Replace(s, "Default:1,", "Default: rules.Deny,", -1) - s = strings.Replace(s, "Default:0,", "Default: rules.Inherit,", -1) + export := func(s string, values string) []byte { + formatCode := func(s string) string { + s = strings.Replace(s, "true,", "true,\n", -1) + s = strings.Replace(s, "false,", "false,\n", -1) + s = strings.Replace(s, "{", "{\n", -1) + s = strings.Replace(s, "}", ",\n}", -1) + s = strings.Replace(s, "\", ", "\",\n", -1) + + s = strings.Replace(s, "Default:2,", "Default: rules.Allow,", -1) + s = strings.Replace(s, "Default:1,", "Default: rules.Deny,", -1) + s = strings.Replace(s, "Default:0,", "Default: rules.Inherit,", -1) + return s + } + + formatDefaults := func(s string) string { + s = formatCode(s) + s = strings.Replace(s, ", ", ",\n", -1) + s = strings.Replace(s, ":2,", ": rules.Allow,", -1) + s = strings.Replace(s, ":1,", ": rules.Deny,", -1) + s = strings.Replace(s, ":0,", ": rules.Inherit,", -1) + return s + } + + s = formatCode(s) + values = formatDefaults(values) var w bytes.Buffer @@ -43,9 +63,17 @@ func main() { fmt.Fprintln(&w) fmt.Fprintln(&w, "/* File is generated from", *input, "with permissions.go */") fmt.Fprintln(&w) - fmt.Fprintln(&w, *fname, "{") + fmt.Fprintln(&w, fnPermissions, "{") fmt.Fprintln(&w, "\treturn", s) fmt.Fprintln(&w, "}") + fmt.Fprintln(&w) + fmt.Fprintln(&w, fnPermissionDefault, "{") + fmt.Fprintln(&w, "\tvalues := ", values) + fmt.Fprintln(&w, "\tif value, ok := values[key]; ok {") + fmt.Fprintln(&w, "\t\treturn value") + fmt.Fprintln(&w, "\t}") + fmt.Fprintln(&w, "\treturn rules.Inherit") + fmt.Fprintln(&w, "}") fmtsrc, err := format.Source(w.Bytes()) if err != nil { @@ -57,6 +85,7 @@ func main() { } var result []rules.OperationGroup + f, err := os.Open(*input) if err != nil { log.Fatal(err) @@ -64,7 +93,16 @@ func main() { if err := json.NewDecoder(f).Decode(&result); err != nil { log.Fatal(err) } - source := export(fmt.Sprintf("%#v", result)) + + // fill default values from groups + values := make(map[string]rules.Access) + for _, group := range result { + for _, row := range group.Operations { + values[row.Key] = row.Default + } + } + + source := export(fmt.Sprintf("%#v", result), fmt.Sprintf("%#v", values)) if err := ioutil.WriteFile(*output, source, 0644); err != nil { log.Fatal(err) } diff --git a/messaging/types/channel.perms.gen.go b/messaging/types/channel.perms.gen.go index ae4fd870a..65242e292 100644 --- a/messaging/types/channel.perms.gen.go +++ b/messaging/types/channel.perms.gen.go @@ -4,7 +4,7 @@ import "github.com/crusttech/crust/internal/rules" /* File is generated from messaging/types/permissions/3-channel.json with permissions.go */ -func (c *Channel) Permissions() []rules.OperationGroup { +func (*Channel) Permissions() []rules.OperationGroup { return []rules.OperationGroup{ rules.OperationGroup{ Title: "General permissions", @@ -21,31 +21,37 @@ func (c *Channel) Permissions() []rules.OperationGroup { Title: "Text Permissions", Operations: []rules.Operation{ rules.Operation{ - Key: "send", + Key: "text.send", Title: "Send Messages", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "embed", + Key: "text.embed", Title: "Embed Links", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "attach", + Key: "text.attach", Title: "Attach Files", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "manage.messages", + Key: "text.edit_own", + Title: "Manage own messages", + Subtitle: "Members with this permission can edit/delete their own messages inside this channel", + Enabled: true, + Default: rules.Inherit, + }, rules.Operation{ + Key: "text.edit_all", Title: "Manage messages", Subtitle: "Members with this permission can edit/delete messages inside this channel", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "react", + Key: "text.react", Title: "Manage reactions", Subtitle: "Members with this permission can add new reactions to a message", Enabled: true, @@ -55,3 +61,19 @@ func (c *Channel) Permissions() []rules.OperationGroup { }, } } + +func (*Channel) PermissionDefault(key string) rules.Access { + values := map[string]rules.Access{ + "text.edit_all": rules.Inherit, + "text.react": rules.Inherit, + "manage.webhooks": rules.Inherit, + "text.send": rules.Inherit, + "text.embed": rules.Inherit, + "text.attach": rules.Inherit, + "text.edit_own": rules.Inherit, + } + if value, ok := values[key]; ok { + return value + } + return rules.Inherit +} diff --git a/messaging/types/organisation.perms.gen.go b/messaging/types/organisation.perms.gen.go index 1e9139dff..9ffb9ba70 100644 --- a/messaging/types/organisation.perms.gen.go +++ b/messaging/types/organisation.perms.gen.go @@ -4,7 +4,7 @@ import "github.com/crusttech/crust/internal/rules" /* File is generated from messaging/types/permissions/1-organisation.json with permissions.go */ -func (c *Organisation) Permissions() []rules.OperationGroup { +func (*Organisation) Permissions() []rules.OperationGroup { return []rules.OperationGroup{ rules.OperationGroup{ Title: "General permissions", @@ -51,31 +51,37 @@ func (c *Organisation) Permissions() []rules.OperationGroup { Title: "Text Permissions", Operations: []rules.Operation{ rules.Operation{ - Key: "send", + Key: "text.send", Title: "Send Messages", Subtitle: "", Enabled: true, Default: rules.Allow, }, rules.Operation{ - Key: "embed", + Key: "text.embed", Title: "Embed Links", Subtitle: "", Enabled: true, Default: rules.Allow, }, rules.Operation{ - Key: "attach", + Key: "text.attach", Title: "Attach Files", Subtitle: "", Enabled: true, Default: rules.Allow, }, rules.Operation{ - Key: "manage.messages", + Key: "text.edit_own", + Title: "Manage own messages", + Subtitle: "Members with this permission can edit/delete their own messages inside channels", + Enabled: true, + Default: rules.Allow, + }, rules.Operation{ + Key: "text.edit_all", Title: "Manage messages", Subtitle: "Members with this permission can edit/delete messages inside channels", Enabled: true, Default: rules.Deny, }, rules.Operation{ - Key: "react", + Key: "text.react", Title: "Manage reactions", Subtitle: "Members with this permission can add new reactions to a message", Enabled: true, @@ -85,3 +91,24 @@ func (c *Organisation) Permissions() []rules.OperationGroup { }, } } + +func (*Organisation) PermissionDefault(key string) rules.Access { + values := map[string]rules.Access{ + "admin": rules.Deny, + "manage.organisation": rules.Deny, + "manage.roles": rules.Deny, + "text.react": rules.Allow, + "text.embed": rules.Allow, + "text.attach": rules.Allow, + "text.edit_own": rules.Allow, + "text.edit_all": rules.Deny, + "audit": rules.Deny, + "manage.channels": rules.Deny, + "manage.webhooks": rules.Deny, + "text.send": rules.Allow, + } + if value, ok := values[key]; ok { + return value + } + return rules.Inherit +} diff --git a/messaging/types/team.perms.gen.go b/messaging/types/team.perms.gen.go index 3cca62b97..ca56c8f33 100644 --- a/messaging/types/team.perms.gen.go +++ b/messaging/types/team.perms.gen.go @@ -4,7 +4,7 @@ import "github.com/crusttech/crust/internal/rules" /* File is generated from messaging/types/permissions/2-team.json with permissions.go */ -func (c *Team) Permissions() []rules.OperationGroup { +func (*Team) Permissions() []rules.OperationGroup { return []rules.OperationGroup{ rules.OperationGroup{ Title: "General permissions", @@ -21,31 +21,37 @@ func (c *Team) Permissions() []rules.OperationGroup { Title: "Text Permissions", Operations: []rules.Operation{ rules.Operation{ - Key: "send", + Key: "text.send", Title: "Send Messages", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "embed", + Key: "text.embed", Title: "Embed Links", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "attach", + Key: "text.attach", Title: "Attach Files", Subtitle: "", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "manage.messages", + Key: "text.edit_own", + Title: "Manage own messages", + Subtitle: "Members with this permission can edit/delete their own messages inside channels", + Enabled: true, + Default: rules.Inherit, + }, rules.Operation{ + Key: "text.edit_all", Title: "Manage messages", Subtitle: "Members with this permission can edit/delete messages inside channels", Enabled: true, Default: rules.Inherit, }, rules.Operation{ - Key: "react", + Key: "text.react", Title: "Manage reactions", Subtitle: "Members with this permission can add new reactions to a message", Enabled: true, @@ -55,3 +61,19 @@ func (c *Team) Permissions() []rules.OperationGroup { }, } } + +func (*Team) PermissionDefault(key string) rules.Access { + values := map[string]rules.Access{ + "manage.webhooks": rules.Inherit, + "text.send": rules.Inherit, + "text.embed": rules.Inherit, + "text.attach": rules.Inherit, + "text.edit_own": rules.Inherit, + "text.edit_all": rules.Inherit, + "text.react": rules.Inherit, + } + if value, ok := values[key]; ok { + return value + } + return rules.Inherit +}