mirror of
https://github.com/outline/outline.git
synced 2026-06-27 18:24:23 +03:00
Saumya Pandey
37 lines
1.0 KiB
JavaScript
37 lines
1.0 KiB
JavaScript
// @flow
|
|
import { AdminRequiredError } from "../errors";
|
|
import { Group, User, Team } from "../models";
|
|
import policy from "./policy";
|
|
|
|
const { allow, can } = policy;
|
|
|
|
allow(User, "createGroup", Team, (actor, team) => {
|
|
if (!team || actor.isViewer || actor.teamId !== team.id) return false;
|
|
if (actor.isAdmin) return true;
|
|
throw new AdminRequiredError();
|
|
});
|
|
|
|
allow(User, "read", Group, (actor, group) => {
|
|
if (!group || actor.teamId !== group.teamId) return false;
|
|
if (actor.isAdmin || !group.isPrivate) return true;
|
|
if (group.groupMemberships.filter((gm) => gm.userId === actor.id).length) {
|
|
return true;
|
|
}
|
|
|
|
if (
|
|
group.collectionGroupMemberships &&
|
|
group.collectionGroupMemberships.some((membership) =>
|
|
can(actor, "read", membership.collection)
|
|
)
|
|
)
|
|
return true;
|
|
|
|
return false;
|
|
});
|
|
|
|
allow(User, ["update", "delete"], Group, (actor, group) => {
|
|
if (!group || actor.isViewer || actor.teamId !== group.teamId) return false;
|
|
if (actor.isAdmin) return true;
|
|
throw new AdminRequiredError();
|
|
});
|