summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/mattermost/mattermost-server/model/role.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/mattermost/mattermost-server/model/role.go')
-rw-r--r--vendor/github.com/mattermost/mattermost-server/model/role.go363
1 files changed, 0 insertions, 363 deletions
diff --git a/vendor/github.com/mattermost/mattermost-server/model/role.go b/vendor/github.com/mattermost/mattermost-server/model/role.go
deleted file mode 100644
index 27b32ed6..00000000
--- a/vendor/github.com/mattermost/mattermost-server/model/role.go
+++ /dev/null
@@ -1,363 +0,0 @@
-// Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved.
-// See License.txt for license information.
-
-package model
-
-import (
- "encoding/json"
- "io"
- "strings"
-)
-
-const (
- SYSTEM_USER_ROLE_ID = "system_user"
- SYSTEM_ADMIN_ROLE_ID = "system_admin"
- SYSTEM_POST_ALL_ROLE_ID = "system_post_all"
- SYSTEM_POST_ALL_PUBLIC_ROLE_ID = "system_post_all_public"
- SYSTEM_USER_ACCESS_TOKEN_ROLE_ID = "system_user_access_token"
-
- TEAM_USER_ROLE_ID = "team_user"
- TEAM_ADMIN_ROLE_ID = "team_admin"
- TEAM_POST_ALL_ROLE_ID = "team_post_all"
- TEAM_POST_ALL_PUBLIC_ROLE_ID = "team_post_all_public"
-
- CHANNEL_USER_ROLE_ID = "channel_user"
- CHANNEL_ADMIN_ROLE_ID = "channel_admin"
-
- ROLE_NAME_MAX_LENGTH = 64
- ROLE_DISPLAY_NAME_MAX_LENGTH = 128
- ROLE_DESCRIPTION_MAX_LENGTH = 1024
-)
-
-type Role struct {
- Id string `json:"id"`
- Name string `json:"name"`
- DisplayName string `json:"display_name"`
- Description string `json:"description"`
- CreateAt int64 `json:"create_at"`
- UpdateAt int64 `json:"update_at"`
- DeleteAt int64 `json:"delete_at"`
- Permissions []string `json:"permissions"`
- SchemeManaged bool `json:"scheme_managed"`
- BuiltIn bool `json:"built_in"`
-}
-
-type RolePatch struct {
- Permissions *[]string `json:"permissions"`
-}
-
-func (role *Role) ToJson() string {
- b, _ := json.Marshal(role)
- return string(b)
-}
-
-func RoleFromJson(data io.Reader) *Role {
- var role *Role
- json.NewDecoder(data).Decode(&role)
- return role
-}
-
-func RoleListToJson(r []*Role) string {
- b, _ := json.Marshal(r)
- return string(b)
-}
-
-func RoleListFromJson(data io.Reader) []*Role {
- var roles []*Role
- json.NewDecoder(data).Decode(&roles)
- return roles
-}
-
-func (r *RolePatch) ToJson() string {
- b, _ := json.Marshal(r)
- return string(b)
-}
-
-func RolePatchFromJson(data io.Reader) *RolePatch {
- var rolePatch *RolePatch
- json.NewDecoder(data).Decode(&rolePatch)
- return rolePatch
-}
-
-func (o *Role) Patch(patch *RolePatch) {
- if patch.Permissions != nil {
- o.Permissions = *patch.Permissions
- }
-}
-
-// Returns an array of permissions that are in either role.Permissions
-// or patch.Permissions, but not both.
-func PermissionsChangedByPatch(role *Role, patch *RolePatch) []string {
- var result []string
-
- if patch.Permissions == nil {
- return result
- }
-
- roleMap := make(map[string]bool)
- patchMap := make(map[string]bool)
-
- for _, permission := range role.Permissions {
- roleMap[permission] = true
- }
-
- for _, permission := range *patch.Permissions {
- patchMap[permission] = true
- }
-
- for _, permission := range role.Permissions {
- if !patchMap[permission] {
- result = append(result, permission)
- }
- }
-
- for _, permission := range *patch.Permissions {
- if !roleMap[permission] {
- result = append(result, permission)
- }
- }
-
- return result
-}
-
-func (role *Role) IsValid() bool {
- if len(role.Id) != 26 {
- return false
- }
-
- return role.IsValidWithoutId()
-}
-
-func (role *Role) IsValidWithoutId() bool {
- if !IsValidRoleName(role.Name) {
- return false
- }
-
- if len(role.DisplayName) == 0 || len(role.DisplayName) > ROLE_DISPLAY_NAME_MAX_LENGTH {
- return false
- }
-
- if len(role.Description) > ROLE_DESCRIPTION_MAX_LENGTH {
- return false
- }
-
- for _, permission := range role.Permissions {
- permissionValidated := false
- for _, p := range ALL_PERMISSIONS {
- if permission == p.Id {
- permissionValidated = true
- break
- }
- }
-
- if !permissionValidated {
- return false
- }
- }
-
- return true
-}
-
-func IsValidRoleName(roleName string) bool {
- if len(roleName) <= 0 || len(roleName) > ROLE_NAME_MAX_LENGTH {
- return false
- }
-
- if strings.TrimLeft(roleName, "abcdefghijklmnopqrstuvwxyz0123456789_") != "" {
- return false
- }
-
- return true
-}
-
-func MakeDefaultRoles() map[string]*Role {
- roles := make(map[string]*Role)
-
- roles[CHANNEL_USER_ROLE_ID] = &Role{
- Name: "channel_user",
- DisplayName: "authentication.roles.channel_user.name",
- Description: "authentication.roles.channel_user.description",
- Permissions: []string{
- PERMISSION_READ_CHANNEL.Id,
- PERMISSION_ADD_REACTION.Id,
- PERMISSION_REMOVE_REACTION.Id,
- PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
- PERMISSION_UPLOAD_FILE.Id,
- PERMISSION_GET_PUBLIC_LINK.Id,
- PERMISSION_CREATE_POST.Id,
- PERMISSION_USE_SLASH_COMMANDS.Id,
- },
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- roles[CHANNEL_ADMIN_ROLE_ID] = &Role{
- Name: "channel_admin",
- DisplayName: "authentication.roles.channel_admin.name",
- Description: "authentication.roles.channel_admin.description",
- Permissions: []string{
- PERMISSION_MANAGE_CHANNEL_ROLES.Id,
- },
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- roles[TEAM_USER_ROLE_ID] = &Role{
- Name: "team_user",
- DisplayName: "authentication.roles.team_user.name",
- Description: "authentication.roles.team_user.description",
- Permissions: []string{
- PERMISSION_LIST_TEAM_CHANNELS.Id,
- PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
- PERMISSION_READ_PUBLIC_CHANNEL.Id,
- PERMISSION_VIEW_TEAM.Id,
- },
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- roles[TEAM_POST_ALL_ROLE_ID] = &Role{
- Name: "team_post_all",
- DisplayName: "authentication.roles.team_post_all.name",
- Description: "authentication.roles.team_post_all.description",
- Permissions: []string{
- PERMISSION_CREATE_POST.Id,
- },
- SchemeManaged: false,
- BuiltIn: true,
- }
-
- roles[TEAM_POST_ALL_PUBLIC_ROLE_ID] = &Role{
- Name: "team_post_all_public",
- DisplayName: "authentication.roles.team_post_all_public.name",
- Description: "authentication.roles.team_post_all_public.description",
- Permissions: []string{
- PERMISSION_CREATE_POST_PUBLIC.Id,
- },
- SchemeManaged: false,
- BuiltIn: true,
- }
-
- roles[TEAM_ADMIN_ROLE_ID] = &Role{
- Name: "team_admin",
- DisplayName: "authentication.roles.team_admin.name",
- Description: "authentication.roles.team_admin.description",
- Permissions: []string{
- PERMISSION_REMOVE_USER_FROM_TEAM.Id,
- PERMISSION_MANAGE_TEAM.Id,
- PERMISSION_IMPORT_TEAM.Id,
- PERMISSION_MANAGE_TEAM_ROLES.Id,
- PERMISSION_MANAGE_CHANNEL_ROLES.Id,
- PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
- PERMISSION_MANAGE_SLASH_COMMANDS.Id,
- PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
- PERMISSION_MANAGE_WEBHOOKS.Id,
- },
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- roles[SYSTEM_USER_ROLE_ID] = &Role{
- Name: "system_user",
- DisplayName: "authentication.roles.global_user.name",
- Description: "authentication.roles.global_user.description",
- Permissions: []string{
- PERMISSION_CREATE_DIRECT_CHANNEL.Id,
- PERMISSION_CREATE_GROUP_CHANNEL.Id,
- PERMISSION_PERMANENT_DELETE_USER.Id,
- },
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- roles[SYSTEM_POST_ALL_ROLE_ID] = &Role{
- Name: "system_post_all",
- DisplayName: "authentication.roles.system_post_all.name",
- Description: "authentication.roles.system_post_all.description",
- Permissions: []string{
- PERMISSION_CREATE_POST.Id,
- },
- SchemeManaged: false,
- BuiltIn: true,
- }
-
- roles[SYSTEM_POST_ALL_PUBLIC_ROLE_ID] = &Role{
- Name: "system_post_all_public",
- DisplayName: "authentication.roles.system_post_all_public.name",
- Description: "authentication.roles.system_post_all_public.description",
- Permissions: []string{
- PERMISSION_CREATE_POST_PUBLIC.Id,
- },
- SchemeManaged: false,
- BuiltIn: true,
- }
-
- roles[SYSTEM_USER_ACCESS_TOKEN_ROLE_ID] = &Role{
- Name: "system_user_access_token",
- DisplayName: "authentication.roles.system_user_access_token.name",
- Description: "authentication.roles.system_user_access_token.description",
- Permissions: []string{
- PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
- PERMISSION_READ_USER_ACCESS_TOKEN.Id,
- PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
- },
- SchemeManaged: false,
- BuiltIn: true,
- }
-
- roles[SYSTEM_ADMIN_ROLE_ID] = &Role{
- Name: "system_admin",
- DisplayName: "authentication.roles.global_admin.name",
- Description: "authentication.roles.global_admin.description",
- // System admins can do anything channel and team admins can do
- // plus everything members of teams and channels can do to all teams
- // and channels on the system
- Permissions: append(
- append(
- append(
- append(
- []string{
- PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id,
- PERMISSION_MANAGE_SYSTEM.Id,
- PERMISSION_MANAGE_ROLES.Id,
- PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
- PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
- PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
- PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
- PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
- PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
- PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
- PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
- PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
- PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
- PERMISSION_EDIT_OTHER_USERS.Id,
- PERMISSION_EDIT_OTHERS_POSTS.Id,
- PERMISSION_MANAGE_OAUTH.Id,
- PERMISSION_INVITE_USER.Id,
- PERMISSION_DELETE_POST.Id,
- PERMISSION_DELETE_OTHERS_POSTS.Id,
- PERMISSION_CREATE_TEAM.Id,
- PERMISSION_ADD_USER_TO_TEAM.Id,
- PERMISSION_LIST_USERS_WITHOUT_TEAM.Id,
- PERMISSION_MANAGE_JOBS.Id,
- PERMISSION_CREATE_POST_PUBLIC.Id,
- PERMISSION_CREATE_POST_EPHEMERAL.Id,
- PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
- PERMISSION_READ_USER_ACCESS_TOKEN.Id,
- PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
- PERMISSION_REMOVE_OTHERS_REACTIONS.Id,
- },
- roles[TEAM_USER_ROLE_ID].Permissions...,
- ),
- roles[CHANNEL_USER_ROLE_ID].Permissions...,
- ),
- roles[TEAM_ADMIN_ROLE_ID].Permissions...,
- ),
- roles[CHANNEL_ADMIN_ROLE_ID].Permissions...,
- ),
- SchemeManaged: true,
- BuiltIn: true,
- }
-
- return roles
-}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 20:36:40 +0000