From 0e651df65f63645a60864d12903e62a66a8a009d Mon Sep 17 00:00:00 2001 From: "alonso.torres" Date: Tue, 24 Sep 2024 15:21:35 +0200 Subject: [PATCH] :sparkles: Updates permissions for comments --- frontend/src/app/plugins/comments.cljs | 58 ++++++++++++++++---------- frontend/src/app/plugins/page.cljs | 47 ++++++++++++--------- frontend/src/app/plugins/register.cljs | 5 ++- 3 files changed, 67 insertions(+), 43 deletions(-) diff --git a/frontend/src/app/plugins/comments.cljs b/frontend/src/app/plugins/comments.cljs index 03be904e0..ff3a33106 100644 --- a/frontend/src/app/plugins/comments.cljs +++ b/frontend/src/app/plugins/comments.cljs @@ -27,9 +27,16 @@ (remove [_] (p/create (fn [resolve reject] - (->> (rp/cmd! :delete-comment {:id $id}) - (rx/tap #(st/emit! (dc/retrieve-comment-threads $file))) - (rx/subs! #(resolve) reject)))))) + (cond + (not (r/check-permission $plugin "comment:write")) + (do + (u/display-not-valid :remove "Plugin doesn't have 'comment:write' permission") + (reject "Plugin doesn't have 'comment:write' permission")) + + :else + (->> (rp/cmd! :delete-comment {:id $id}) + (rx/tap #(st/emit! (dc/retrieve-comment-threads $file))) + (rx/subs! #(resolve) reject))))))) (defn comment-proxy? [p] (instance? CommentProxy p)) @@ -60,8 +67,8 @@ (not= (:id profile) (:owner-id data)) (u/display-not-valid :content "Cannot change content from another user's comments") - (not (r/check-permission plugin-id "content:write")) - (u/display-not-valid :content "Plugin doesn't have 'content:write' permission") + (not (r/check-permission plugin-id "comment:write")) + (u/display-not-valid :content "Plugin doesn't have 'comment:write' permission") :else (->> (rp/cmd! :update-comment {:id (:id data) :content content}) @@ -74,22 +81,29 @@ [_] (p/create (fn [resolve reject] - (->> (rp/cmd! :get-comments {:thread-id $id}) - (rx/subs! - (fn [comments] - (resolve - (format/format-array - #(comment-proxy $plugin $file $page $id $users %) comments))) - reject))))) + (cond + (not (r/check-permission $plugin "comment:read")) + (do + (u/display-not-valid :findComments "Plugin doesn't have 'comment:read' permission") + (reject "Plugin doesn't have 'comment:read' permission")) + + :else + (->> (rp/cmd! :get-comments {:thread-id $id}) + (rx/subs! + (fn [comments] + (resolve + (format/format-array + #(comment-proxy $plugin $file $page $id $users %) comments))) + reject)))))) (reply [_ content] (cond - (not (r/check-permission $plugin "content:write")) - (u/display-not-valid :content "Plugin doesn't have 'content:write' permission") + (not (r/check-permission $plugin "comment:write")) + (u/display-not-valid :reply "Plugin doesn't have 'comment:write' permission") (or (not (string? content)) (empty? content)) - (u/display-not-valid :content "Not valid") + (u/display-not-valid :reply "Not valid") :else (p/create @@ -100,11 +114,11 @@ (remove [_] (let [profile (:profile @st/state)] (cond - (not (r/check-permission $plugin "content:write")) - (u/display-not-valid :removeCommentThread "Plugin doesn't have 'content:write' permission") + (not (r/check-permission $plugin "comment:write")) + (u/display-not-valid :remove "Plugin doesn't have 'comment:write' permission") (not= (:id profile) owner) - (u/display-not-valid :content "Cannot change content from another user's comments") + (u/display-not-valid :remove "Cannot change content from another user's comments") :else (p/create @@ -140,8 +154,8 @@ (or (not (us/safe-number? (:x position))) (not (us/safe-number? (:y position)))) (u/display-not-valid :position "Not valid point") - (not (r/check-permission plugin-id "content:write")) - (u/display-not-valid :content "Plugin doesn't have 'content:write' permission") + (not (r/check-permission plugin-id "comment:write")) + (u/display-not-valid :position "Plugin doesn't have 'comment:write' permission") :else (do (st/emit! (dwc/update-comment-thread-position @data* [(:x position) (:y position)])) @@ -155,8 +169,8 @@ (not (boolean? is-resolved)) (u/display-not-valid :resolved "Not a boolean type") - (not (r/check-permission plugin-id "content:write")) - (u/display-not-valid :resolved "Plugin doesn't have 'content:write' permission") + (not (r/check-permission plugin-id "comment:write")) + (u/display-not-valid :resolved "Plugin doesn't have 'comment:write' permission") :else (do (st/emit! (dc/update-comment-thread (assoc @data* :is-resolved is-resolved))) diff --git a/frontend/src/app/plugins/page.cljs b/frontend/src/app/plugins/page.cljs index a51db3a11..9160d739e 100644 --- a/frontend/src/app/plugins/page.cljs +++ b/frontend/src/app/plugins/page.cljs @@ -258,7 +258,7 @@ (u/display-not-valid :removeRulerGuide "Guide not provided") (not (r/check-permission $plugin "content:write")) - (u/display-not-valid :removeRulerGuide "Plugin doesn't have 'content:write' permission") + (u/display-not-valid :removeRulerGuide "Plugin doesn't have 'comment:write' permission") :else (let [guide (u/proxy->ruler-guide value)] @@ -279,8 +279,8 @@ (and (some? board) (or (not (shape/shape-proxy? board)) (not (cfh/frame-shape? shape)))) (u/display-not-valid :addCommentThread "Board not valid") - (not (r/check-permission $plugin "content:write")) - (u/display-not-valid :addCommentThread "Plugin doesn't have 'content:write' permission") + (not (r/check-permission $plugin "comment:write")) + (u/display-not-valid :addCommentThread "Plugin doesn't have 'comment:write' permission") :else (let [position @@ -311,7 +311,7 @@ (not (pc/comment-thread-proxy? thread)) (u/display-not-valid :removeCommentThread "Comment thread not valid") - (not (r/check-permission $plugin "content:write")) + (not (r/check-permission $plugin "comment:write")) (u/display-not-valid :removeCommentThread "Plugin doesn't have 'content:write' permission") :else @@ -328,23 +328,30 @@ user-id (-> @st/state :profile :id)] (p/create (fn [resolve reject] - (->> (rx/zip (rp/cmd! :get-team-users {:file-id $file}) - (rp/cmd! :get-comment-threads {:file-id $file})) - (rx/take 1) - (rx/subs! - (fn [[users comments]] - (let [users (d/index-by :id users) - comments - (cond->> comments - (not show-resolved) - (filter (comp not :is-resolved)) + (cond + (not (r/check-permission $plugin "comment:read")) + (do + (u/display-not-valid :findCommentThreads "Plugin doesn't have 'comment:read' permission") + (reject "Plugin doesn't have 'comment:read' permission")) - only-yours - (filter #(contains? (:participants %) user-id)))] - (resolve - (format/format-array - #(pc/comment-thread-proxy $plugin $file $id users %) comments)))) - reject))))))) + :else + (->> (rx/zip (rp/cmd! :get-team-users {:file-id $file}) + (rp/cmd! :get-comment-threads {:file-id $file})) + (rx/take 1) + (rx/subs! + (fn [[users comments]] + (let [users (d/index-by :id users) + comments + (cond->> comments + (not show-resolved) + (filter (comp not :is-resolved)) + + only-yours + (filter #(contains? (:participants %) user-id)))] + (resolve + (format/format-array + #(pc/comment-thread-proxy $plugin $file $id users %) comments)))) + reject)))))))) (crc/define-properties! PageProxy diff --git a/frontend/src/app/plugins/register.cljs b/frontend/src/app/plugins/register.cljs index da43f59c1..c0dd27050 100644 --- a/frontend/src/app/plugins/register.cljs +++ b/frontend/src/app/plugins/register.cljs @@ -42,7 +42,10 @@ (conj "content:read") (contains? permissions "library:write") - (conj "content:write")) + (conj "content:write") + + (contains? permissions "comment:write") + (conj "comment:read")) origin (obj/get (js/URL. plugin-url) "origin")