diff --git a/changelog/unreleased/new-role-editor-wo-versions.md b/changelog/unreleased/new-role-editor-wo-versions.md new file mode 100644 index 0000000000..55417c7bfe --- /dev/null +++ b/changelog/unreleased/new-role-editor-wo-versions.md @@ -0,0 +1,7 @@ +Enhancement: Added a new role space editor without versions + +We add a new role space editor without list and restore version permissions. + + +https://github.com/cs3org/reva/pull/4817 +https://github.com/owncloud/ocis/issues/9699 diff --git a/pkg/conversions/role.go b/pkg/conversions/role.go index 7d7e0fcd89..edb4609ae3 100644 --- a/pkg/conversions/role.go +++ b/pkg/conversions/role.go @@ -43,6 +43,8 @@ const ( RoleEditor = "editor" // RoleSpaceEditor grants editor permission on a space. RoleSpaceEditor = "spaceeditor" + // RoleSpaceEditorWithoutVersions grants editor permission without list/restore versions on a space. + RoleSpaceEditorWithoutVersions = "spaceeditor-without-versions" // RoleFileEditor grants editor permission on a single file. RoleFileEditor = "file-editor" // RoleCoowner grants co-owner permissions on a resource. @@ -272,6 +274,28 @@ func NewSpaceEditorRole() *Role { } } +// NewSpaceEditorWithoutVersionsRole creates an editor without list/restore versions role +func NewSpaceEditorWithoutVersionsRole() *Role { + return &Role{ + Name: RoleSpaceEditorWithoutVersions, + cS3ResourcePermissions: &provider.ResourcePermissions{ + CreateContainer: true, + Delete: true, + GetPath: true, + GetQuota: true, + InitiateFileDownload: true, + InitiateFileUpload: true, + ListContainer: true, + ListGrants: true, + ListRecycle: true, + Move: true, + RestoreRecycleItem: true, + Stat: true, + }, + ocsPermissions: PermissionRead | PermissionCreate | PermissionWrite | PermissionDelete, + } +} + // NewFileEditorRole creates a file-editor role func NewFileEditorRole() *Role { p := PermissionRead | PermissionWrite