Implemented the 'SimplePathPrivilegeManager' class to manage privileg…

…es based on the path

lib/user/v2/privilege/FakePrivilegeManager.d.ts

@@ -1,18 +1,17 @@
 import { SimplePrivilegeManager } from './SimplePrivilegeManager';
-import { hasNoWriteLock } from './IPrivilegeManager';
 export declare class FakePrivilegeManager extends SimplePrivilegeManager {
     constructor();
     canCreate: (arg: any, resource: any, callback: any) => any;
-    canDelete: typeof hasNoWriteLock;
-    canWrite: typeof hasNoWriteLock;
+    canDelete: any;
+    canWrite: any;
     canSource: (arg: any, resource: any, callback: any) => any;
     canRead: (arg: any, resource: any, callback: any) => any;
     canListLocks: (arg: any, resource: any, callback: any) => any;
-    canSetLock: typeof hasNoWriteLock;
+    canSetLock: any;
     canGetAvailableLocks: (arg: any, resource: any, callback: any) => any;
-    canAddChild: typeof hasNoWriteLock;
-    canRemoveChild: typeof hasNoWriteLock;
+    canAddChild: any;
+    canRemoveChild: any;
     canGetChildren: (arg: any, resource: any, callback: any) => any;
-    canSetProperty: typeof hasNoWriteLock;
+    canSetProperty: any;
     canGetProperty: (arg: any, resource: any, callback: any) => any;
 }

lib/user/v2/privilege/IPrivilegeManager.d.ts

@@ -1,35 +1,23 @@
-import { RequestContext } from '../../../server/v2/RequestContext';
-import { Resource } from '../../../manager/v2/export';
+import { Resource, Path } from '../../../manager/v2/export';
 export declare type PrivilegeManagerCallback = (error: Error, hasAccess: boolean) => void;
-export declare type PrivilegeManagerMethod = (ctx: RequestContext, resource: Resource, callback: PrivilegeManagerCallback) => void;
-export declare type BasicPrivilege = 'all' | 'canReadLocks' | 'canWriteLocks' | 'canWrite' | 'canRead' | 'canSee' | 'canReadProperties' | 'canWriteProperties';
-export declare function requirePrivilege(privilege: string | BasicPrivilege | string[] | BasicPrivilege[], ctx: RequestContext, resource: Resource, callback: PrivilegeManagerCallback): void;
-export interface IPrivilegeManager {
-    canCreate: PrivilegeManagerMethod;
-    canDelete: PrivilegeManagerMethod;
-    canMove: PrivilegeManagerMethod;
-    canRename: PrivilegeManagerMethod;
-    canAppend: PrivilegeManagerMethod;
-    canWrite: PrivilegeManagerMethod;
-    canRead: PrivilegeManagerMethod;
-    canSource: PrivilegeManagerMethod;
-    canGetMimeType: PrivilegeManagerMethod;
-    canGetSize: PrivilegeManagerMethod;
-    canListLocks: PrivilegeManagerMethod;
-    canSetLock: PrivilegeManagerMethod;
-    canRemoveLock: PrivilegeManagerMethod;
-    canGetAvailableLocks: PrivilegeManagerMethod;
-    canGetLock: PrivilegeManagerMethod;
-    canAddChild: PrivilegeManagerMethod;
-    canRemoveChild: PrivilegeManagerMethod;
-    canGetChildren: PrivilegeManagerMethod;
-    canSetProperty: PrivilegeManagerMethod;
-    canGetProperty: PrivilegeManagerMethod;
-    canGetProperties: PrivilegeManagerMethod;
-    canRemoveProperty: PrivilegeManagerMethod;
-    canGetCreationDate: PrivilegeManagerMethod;
-    canGetLastModifiedDate: PrivilegeManagerMethod;
-    canGetWebName: PrivilegeManagerMethod;
-    canGetType: PrivilegeManagerMethod;
+export declare type PrivilegeManagerMethod = (fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback) => void;
+export declare type BasicPrivilege = 'canWrite' | 'canWriteLocks' | 'canWriteContent' | 'canWriteContentTranslated' | 'canWriteContentSource' | 'canWriteProperties' | 'canRead' | 'canReadLocks' | 'canReadContent' | 'canReadContentTranslated' | 'canReadContentSource' | 'canReadProperties';
+export declare class PrivilegeManager {
+    can(fullPath: Path | string, resource: Resource, privilege: BasicPrivilege, callback: PrivilegeManagerCallback): void;
+    can(fullPath: Path | string, resource: Resource, privilege: string, callback: PrivilegeManagerCallback): void;
+    can(fullPath: Path | string, resource: Resource, privilege: BasicPrivilege[], callback: PrivilegeManagerCallback): void;
+    can(fullPath: Path | string, resource: Resource, privilege: string[], callback: PrivilegeManagerCallback): void;
+    protected _can?(fullPath: Path, resource: Resource, privilege: string, callback: PrivilegeManagerCallback): void;
+    protected canWrite(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canWriteLocks(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canWriteContent(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canWriteContentTranslated(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canWriteContentSource(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canWriteProperties(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canRead(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canReadLocks(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canReadContent(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canReadContentTranslated(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canReadContentSource(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
+    protected canReadProperties(fullPath: Path, resource: Resource, callback: PrivilegeManagerCallback): void;
 }
-export declare function hasNoWriteLock(ctx: RequestContext, resource: Resource, callback: PrivilegeManagerCallback): void;

lib/user/v2/privilege/IPrivilegeManager.js

@@ -1,38 +1,85 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-/*
-export type BasicPrivilege =
-    'all'
-    | 'canCreate'
-    | 'canDelete'
-    | 'canMove'
-    | 'canRename'
-    | 'canAppend'
-    | 'canWrite'
-    | 'canRead'
-    | 'canSource'
-    | 'canGetMimeType'
-    | 'canGetSize'
-    | 'canListLocks'
-    | 'canSetLock'
-    | 'canRemoveLock'
-    | 'canGetAvailableLocks'
-    | 'canGetLock'
-    | 'canAddChild'
-    | 'canRemoveChild'
-    | 'canGetChildren'
-    | 'canSetProperty'
-    | 'canGetProperty'
-    | 'canGetProperties'
-    | 'canRemoveProperty'
-    | 'canGetCreationDate'
-    | 'canGetLastModifiedDate'
-    | 'canGetWebName'
-    | 'canGetType';
-*/
-function requirePrivilege(privilege, ctx, resource, callback) {
+var export_1 = require("../../../manager/v2/export");
+var Workflow_1 = require("../../../helper/Workflow");
+function checkAll(pm, fns, resource, callback) {
+    new Workflow_1.Workflow()
+        .each(fns, function (fn, cb) { return fn.bind(pm)(resource, cb); })
+        .error(function (e) { return callback(e, false); })
+        .done(function (successes) { return callback(null, successes.every(function (b) { return !!b; })); });
 }
-exports.requirePrivilege = requirePrivilege;
-function hasNoWriteLock(ctx, resource, callback) {
-}
-exports.hasNoWriteLock = hasNoWriteLock;
+var PrivilegeManager = (function () {
+    function PrivilegeManager() {
+    }
+    PrivilegeManager.prototype.can = function (_fullPath, resource, _privilege, callback) {
+        var _this = this;
+        if (_privilege.constructor !== String) {
+            new Workflow_1.Workflow()
+                .each(_privilege, function (privilege, cb) { return _this.can(_fullPath, resource, privilege, cb); })
+                .error(function (e) { return callback(e, false); })
+                .done(function (checks) { return callback(null, checks.every(function (b) { return !!b; })); });
+            return;
+        }
+        var fullPath = new export_1.Path(_fullPath);
+        var privilege = _privilege;
+        if (this._can)
+            return this._can(fullPath, resource, privilege, callback);
+        var method = this[privilege];
+        if (method)
+            method(fullPath, resource, callback);
+        else
+            callback(null, true);
+    };
+    PrivilegeManager.prototype.canWrite = function (fullPath, resource, callback) {
+        checkAll(this, [
+            this.canWriteLocks,
+            this.canWriteContent,
+            this.canWriteProperties
+        ], resource, callback);
+    };
+    PrivilegeManager.prototype.canWriteLocks = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canWriteContent = function (fullPath, resource, callback) {
+        checkAll(this, [
+            this.canWriteContentSource,
+            this.canWriteContentTranslated
+        ], resource, callback);
+    };
+    PrivilegeManager.prototype.canWriteContentTranslated = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canWriteContentSource = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canWriteProperties = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canRead = function (fullPath, resource, callback) {
+        checkAll(this, [
+            this.canReadLocks,
+            this.canReadContent,
+            this.canReadProperties
+        ], resource, callback);
+    };
+    PrivilegeManager.prototype.canReadLocks = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canReadContent = function (fullPath, resource, callback) {
+        checkAll(this, [
+            this.canReadContentSource,
+            this.canReadContentTranslated
+        ], resource, callback);
+    };
+    PrivilegeManager.prototype.canReadContentTranslated = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canReadContentSource = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    PrivilegeManager.prototype.canReadProperties = function (fullPath, resource, callback) {
+        callback(null, true);
+    };
+    return PrivilegeManager;
+}());
+exports.PrivilegeManager = PrivilegeManager;

lib/user/v2/privilege/SimplePathPrivilegeManager.d.ts

@@ -1,24 +1,10 @@
-import { SimplePrivilegeManager, SimpleBasicPrivilege } from './SimplePrivilegeManager';
-import { RequestContext } from '../../../server/v2/RequestContext';
-import { Resource } from '../../../manager/v2/export';
+import { BasicPrivilege, PrivilegeManager, PrivilegeManagerCallback } from './PrivilegeManager';
+import { Resource, Path } from '../../../manager/v2/export';
 import { IUser } from '../IUser';
-export declare class SimplePathPrivilegeManager extends SimplePrivilegeManager {
+export declare class SimplePathPrivilegeManager extends PrivilegeManager {
     rights: any;
     constructor();
-    setRights(user: IUser, path: string, rights: SimpleBasicPrivilege[]): void;
-    getRights(user: IUser, path: string): SimpleBasicPrivilege[];
-    can(user: IUser, path: string, right: SimpleBasicPrivilege): boolean;
-    canCreate: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canDelete: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canWrite: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canSource: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canRead: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canListLocks: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canSetLock: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canGetAvailableLocks: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canAddChild: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canRemoveChild: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canGetChildren: (ctx: RequestContext, resource: Resource, callback: any) => any;
-    canSetProperty: (ctx: RequestContext, resource: Resource, callback: any) => void;
-    canGetProperty: (ctx: RequestContext, resource: Resource, callback: any) => any;
+    setRights(user: IUser, path: string, rights: BasicPrivilege[] | string[]): void;
+    getRights(user: IUser, path: string): string[];
+    _can(fuullPath: Path, resource: Resource, privilege: BasicPrivilege | string, callback: PrivilegeManagerCallback): void;
 }

lib/user/v2/privilege/SimplePathPrivilegeManager.js

@@ -10,8 +10,8 @@ var __extends = (this && this.__extends) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-var SimplePrivilegeManager_1 = require("./SimplePrivilegeManager");
-var IPrivilegeManager_1 = require("./IPrivilegeManager");
+var PrivilegeManager_1 = require("./PrivilegeManager");
+var export_1 = require("../../../manager/v2/export");
 function standarizePath(path) {
     if (!path)
         path = '/';
@@ -30,34 +30,10 @@ function standarizePath(path) {
         path = '/';
     return path;
 }
-function checker(sppm, right) {
-    return function (ctx, resource, callback) { return callback(null, sppm.can(ctx.user, ctx.requested.uri, right)); };
-}
-function checkerNoLock(sppm, right) {
-    return function (ctx, resource, callback) {
-        if (!sppm.can(ctx.user, ctx.requested.uri, right))
-            callback(null, false);
-        else
-            IPrivilegeManager_1.hasNoWriteLock(ctx, resource, callback);
-    };
-}
 var SimplePathPrivilegeManager = (function (_super) {
     __extends(SimplePathPrivilegeManager, _super);
     function SimplePathPrivilegeManager() {
         var _this = _super.call(this) || this;
-        _this.canCreate = checker(_this, 'canCreate');
-        _this.canDelete = checkerNoLock(_this, 'canDelete');
-        _this.canWrite = checkerNoLock(_this, 'canWrite');
-        _this.canSource = checker(_this, 'canSource');
-        _this.canRead = checker(_this, 'canRead');
-        _this.canListLocks = checker(_this, 'canListLocks');
-        _this.canSetLock = checkerNoLock(_this, 'canSetLock');
-        _this.canGetAvailableLocks = checker(_this, 'canGetAvailableLocks');
-        _this.canAddChild = checkerNoLock(_this, 'canAddChild');
-        _this.canRemoveChild = checkerNoLock(_this, 'canRemoveChild');
-        _this.canGetChildren = checker(_this, 'canGetChildren');
-        _this.canSetProperty = checkerNoLock(_this, 'canSetProperty');
-        _this.canGetProperty = checker(_this, 'canGetProperty');
         _this.rights = {};
         return _this;
     }
@@ -71,11 +47,10 @@ var SimplePathPrivilegeManager = (function (_super) {
             return [];
         return this.rights[user.uid][standarizePath(path)];
     };
-    SimplePathPrivilegeManager.prototype.can = function (user, path, right) {
-        var rights = this.getRights(user, path);
-        var r = rights && (rights.indexOf('all') !== -1 || rights.indexOf(right) !== -1);
-        return r;
+    SimplePathPrivilegeManager.prototype._can = function (fuullPath, resource, privilege, callback) {
+        var rights = this.getRights(resource.context.user, export_1.Path.toString());
+        callback(null, rights && (rights.indexOf('all') !== -1 || rights.some(function (r) { return r === 'all' || r === privilege; })));
     };
     return SimplePathPrivilegeManager;
-}(SimplePrivilegeManager_1.SimplePrivilegeManager));
+}(PrivilegeManager_1.PrivilegeManager));
 exports.SimplePathPrivilegeManager = SimplePathPrivilegeManager;

lib/user/v2/privilege/SimplePrivilegeManager.d.ts

@@ -5,27 +5,27 @@ export declare abstract class SimplePrivilegeManager implements IPrivilegeManage
     abstract canCreate: PrivilegeManagerMethod;
     abstract canDelete: PrivilegeManagerMethod;
     canMove: (ctx: any, resource: any, callback: any) => void;
-    canRename: (ctx: any, resource: any, callback: any) => void;
-    canAppend: (ctx: any, resource: any, callback: any) => void;
+    canRename: (ctx: any, resource: any, callback: any) => any;
+    canAppend: (ctx: any, resource: any, callback: any) => any;
     abstract canWrite: PrivilegeManagerMethod;
     abstract canRead: PrivilegeManagerMethod;
     abstract canSource: PrivilegeManagerMethod;
-    canGetMimeType: (ctx: any, resource: any, callback: any) => void;
-    canGetSize: (ctx: any, resource: any, callback: any) => void;
+    canGetMimeType: (ctx: any, resource: any, callback: any) => any;
+    canGetSize: (ctx: any, resource: any, callback: any) => any;
     abstract canListLocks: PrivilegeManagerMethod;
     abstract canSetLock: PrivilegeManagerMethod;
-    canRemoveLock: (ctx: any, resource: any, callback: any) => void;
+    canRemoveLock: (ctx: any, resource: any, callback: any) => any;
     abstract canGetAvailableLocks: PrivilegeManagerMethod;
-    canGetLock: (ctx: any, resource: any, callback: any) => void;
+    canGetLock: (ctx: any, resource: any, callback: any) => any;
     abstract canAddChild: PrivilegeManagerMethod;
     abstract canRemoveChild: PrivilegeManagerMethod;
     abstract canGetChildren: PrivilegeManagerMethod;
     abstract canSetProperty: PrivilegeManagerMethod;
     abstract canGetProperty: PrivilegeManagerMethod;
-    canGetProperties: (ctx: any, resource: any, callback: any) => void;
-    canRemoveProperty: (ctx: any, resource: any, callback: any) => void;
-    canGetCreationDate: (ctx: any, resource: any, callback: any) => void;
-    canGetLastModifiedDate: (ctx: any, resource: any, callback: any) => void;
-    canGetWebName: (ctx: any, resource: any, callback: any) => void;
-    canGetType: (ctx: any, resource: any, callback: any) => void;
+    canGetProperties: (ctx: any, resource: any, callback: any) => any;
+    canRemoveProperty: (ctx: any, resource: any, callback: any) => any;
+    canGetCreationDate: (ctx: any, resource: any, callback: any) => any;
+    canGetLastModifiedDate: (ctx: any, resource: any, callback: any) => any;
+    canGetWebName: (ctx: any, resource: any, callback: any) => any;
+    canGetType: (ctx: any, resource: any, callback: any) => any;
 }