cs3org · kobergj · May 31, 2023 · May 30, 2023 · May 30, 2023
@@ -0,0 +1,5 @@
+Enhancement: Rename permissions
+
+Rename permissions to be consistent and future proof
+
+https://github.com/cs3org/reva/pull/3922
@@ -24,9 +24,9 @@ import (
 
 const (
 	// ListAllSpaces is the hardcoded name for the list all spaces permission
-	ListAllSpaces string = "list-all-spaces"
+	ListAllSpaces string = "Drives.List"
 	// CreateSpace is the hardcoded name for the create space permission
-	CreateSpace string = "create-space"
+	CreateSpace string = "Drives.Create"
 	// WritePublicLink is the hardcoded name for the PublicLink.Write permission
 	WritePublicLink string = "PublicLink.Write"
 )

@@ -41,7 +41,7 @@ func (p Permissions) AssemblePermissions(ctx context.Context, n *node.Node) (pro
 
 // CreateSpace returns true when the user is allowed to create the space
 func (p Permissions) CreateSpace(ctx context.Context, spaceid string) bool {
-	return p.checkPermission(ctx, "create-space", spaceRef(spaceid))
+	return p.checkPermission(ctx, "Drives.Create", spaceRef(spaceid))
 }
 
 // SetSpaceQuota returns true when the user is allowed to change the spaces quota
@@ -50,25 +50,25 @@ func (p Permissions) SetSpaceQuota(ctx context.Context, spaceid string, spaceTyp
 	default:
 		return false // only quotas of personal and project space may be changed
 	case _spaceTypePersonal:
-		return p.checkPermission(ctx, "set-space-quota", spaceRef(spaceid))
+		return p.checkPermission(ctx, "Drives.ReadWritePersonalQuota", spaceRef(spaceid))
 	case _spaceTypeProject:
-		return p.checkPermission(ctx, "Drive.ReadWriteQuota.Project", spaceRef(spaceid))
+		return p.checkPermission(ctx, "Drives.ReadWriteProjectQuota", spaceRef(spaceid))
 	}
 }
 
 // ManageSpaceProperties returns true when the user is allowed to change space properties (name/subtitle)
 func (p Permissions) ManageSpaceProperties(ctx context.Context, spaceid string) bool {
-	return p.checkPermission(ctx, "Drive.ReadWrite", spaceRef(spaceid))
+	return p.checkPermission(ctx, "Drives.ReadWrite", spaceRef(spaceid))
 }
 
 // SpaceAbility returns true when the user is allowed to enable/disable the space
 func (p Permissions) SpaceAbility(ctx context.Context, spaceid string) bool {
-	return p.checkPermission(ctx, "Drive.ReadWriteEnabled", spaceRef(spaceid))
+	return p.checkPermission(ctx, "Drives.ReadWriteEnabled", spaceRef(spaceid))
 }
 
 // ListAllSpaces returns true when the user is allowed to list all spaces
 func (p Permissions) ListAllSpaces(ctx context.Context) bool {
-	return p.checkPermission(ctx, "list-all-spaces", nil)
+	return p.checkPermission(ctx, "Drives.List", nil)
 }
 
 // ListSpacesOfUser returns true when the user is allowed to list the spaces of the given user
@@ -86,12 +86,12 @@ func (p Permissions) ListSpacesOfUser(ctx context.Context, userid *userv1beta1.U
 
 // DeleteAllSpaces returns true when the user is allowed to delete all spaces
 func (p Permissions) DeleteAllSpaces(ctx context.Context) bool {
-	return p.checkPermission(ctx, "delete-all-spaces", nil)
+	return p.checkPermission(ctx, "Drives.DeleteProject", nil)
 }
 
 // DeleteAllHomeSpaces returns true when the user is allowed to delete all home spaces
 func (p Permissions) DeleteAllHomeSpaces(ctx context.Context) bool {
-	return p.checkPermission(ctx, "delete-all-home-spaces", nil)
+	return p.checkPermission(ctx, "Drives.DeletePersonal", nil)
 }
 
 // checkPermission is used to check a users space permissions

@@ -49,13 +49,13 @@ var _ = Describe("Spaces", func() {
 			Expect(err).ToNot(HaveOccurred())
 			env.PermissionsClient.On("CheckPermission", mock.Anything, mock.Anything, mock.Anything).Return(
 				func(ctx context.Context, in *cs3permissions.CheckPermissionRequest, opts ...grpc.CallOption) *cs3permissions.CheckPermissionResponse {
-					if in.Permission == "delete-all-home-spaces" && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == env.DeleteHomeSpacesUser.Id.OpaqueId {
+					if in.Permission == "Drives.DeletePersonal" && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == env.DeleteHomeSpacesUser.Id.OpaqueId {
 						return &cs3permissions.CheckPermissionResponse{Status: &rpcv1beta1.Status{Code: rpcv1beta1.Code_CODE_OK}}
 					}
-					if in.Permission == "delete-all-spaces" && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == env.DeleteAllSpacesUser.Id.OpaqueId {
+					if in.Permission == "Drives.DeleteProject" && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == env.DeleteAllSpacesUser.Id.OpaqueId {
 						return &cs3permissions.CheckPermissionResponse{Status: &rpcv1beta1.Status{Code: rpcv1beta1.Code_CODE_OK}}
 					}
-					if (in.Permission == "create-space" || in.Permission == "list-all-spaces") && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == helpers.OwnerID {
+					if (in.Permission == "Drives.Create" || in.Permission == "Drives.List") && ctxpkg.ContextMustGetUser(ctx).Id.GetOpaqueId() == helpers.OwnerID {
 						return &cs3permissions.CheckPermissionResponse{Status: &rpcv1beta1.Status{Code: rpcv1beta1.Code_CODE_OK}}
 					}
 					// any other user
@@ -316,7 +316,7 @@ var _ = Describe("Spaces", func() {
 					switch ctxpkg.ContextMustGetUser(ctx).GetId().GetOpaqueId() {
 					case manager.GetId().GetOpaqueId():
 						switch in.Permission {
-						case "create-space":
+						case "Drives.Create":
 							return &cs3permissions.CheckPermissionResponse{Status: &rpcv1beta1.Status{Code: rpcv1beta1.Code_CODE_OK}}
 						default:
 							return &cs3permissions.CheckPermissionResponse{Status: &rpcv1beta1.Status{Code: rpcv1beta1.Code_CODE_PERMISSION_DENIED}}