mirror of
https://github.com/outline/outline.git
synced 2026-06-13 11:25:03 +03:00
Tom Moor
1a893b0e45
Adds group sync from external authentication providers, allowing team group memberships to be automatically managed based on provider data on sign-in in the future.
51 lines
878 B
TypeScript
51 lines
878 B
TypeScript
import { Group, User, Team } from "@server/models";
|
|
import { allow } from "./cancan";
|
|
import {
|
|
and,
|
|
isTeamAdmin,
|
|
isTeamModel,
|
|
isTeamMutable,
|
|
isGroupAdmin,
|
|
} from "./utils";
|
|
|
|
allow(User, "createGroup", Team, (actor, team) =>
|
|
and(
|
|
//
|
|
isTeamAdmin(actor, team),
|
|
isTeamMutable(actor)
|
|
)
|
|
);
|
|
|
|
allow(User, "listGroups", Team, (actor, team) =>
|
|
and(
|
|
//
|
|
isTeamModel(actor, team),
|
|
!actor.isGuest
|
|
)
|
|
);
|
|
|
|
allow(User, "read", Group, (actor, group) =>
|
|
and(
|
|
//
|
|
isTeamModel(actor, group),
|
|
!actor.isGuest
|
|
)
|
|
);
|
|
|
|
allow(User, "update", Group, (actor, group) =>
|
|
and(
|
|
//
|
|
isGroupAdmin(actor, group),
|
|
isTeamMutable(actor)
|
|
)
|
|
);
|
|
|
|
allow(User, "delete", Group, (actor, group) =>
|
|
and(
|
|
//
|
|
isTeamAdmin(actor, group),
|
|
isTeamMutable(actor),
|
|
!Array.isArray(group?.externalGroups) || group.externalGroups.length === 0
|
|
)
|
|
);
|