Role refactor (#7867)

* role refactor * add missing file * fix web test
author: Chris <ccbrown112@gmail.com> 2017-11-21 13:08:32 -0600
committer: Christopher Speller <crspeller@gmail.com> 2017-11-21 11:08:32 -0800
commit: 816a30397da6ceff836d8723233dc5cdbda70871 (patch)
tree: d9075e04c6570296cea924b97088839f49d6ce9d /app/authorization.go
parent: 01e652ed481ed0ef0a8d8c021751655c1a58dd2a (diff)
download: chat-816a30397da6ceff836d8723233dc5cdbda70871.tar.gz
chat-816a30397da6ceff836d8723233dc5cdbda70871.tar.bz2
chat-816a30397da6ceff836d8723233dc5cdbda70871.zip
1 files changed, 11 insertions, 26 deletions
diff --git a/app/authorization.go b/app/authorization.go
index ed485e597..3a64bb717 100644
--- a/app/authorization.go
+++ b/app/authorization.go
@@ -12,7 +12,7 @@ import (
 )
 
 func (a *App) SessionHasPermissionTo(session model.Session, permission *model.Permission) bool {
-	if !CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id) {
+	if !a.CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id) {
 		a.ClearSessionCacheForUser(session.UserId)
 		return false
 	}
@@ -21,21 +21,6 @@ func (a *App) SessionHasPermissionTo(session model.Session, permission *model.Pe
 }
 
 /// DO NOT USE: LEGACY
-func SessionHasPermissionToTeam(session model.Session, teamId string, permission *model.Permission) bool {
-	if teamId == "" {
-		return false
-	}
-
-	teamMember := session.GetTeamByTeamId(teamId)
-	if teamMember != nil {
-		if CheckIfRolesGrantPermission(teamMember.GetRoles(), permission.Id) {
-			return true
-		}
-	}
-
-	return CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id)
-}
-
 func (a *App) SessionHasPermissionToTeam(session model.Session, teamId string, permission *model.Permission) bool {
 	if teamId == "" {
 		return false
@@ -43,12 +28,12 @@ func (a *App) SessionHasPermissionToTeam(session model.Session, teamId string, p
 
 	teamMember := session.GetTeamByTeamId(teamId)
 	if teamMember != nil {
-		if CheckIfRolesGrantPermission(teamMember.GetRoles(), permission.Id) {
+		if a.CheckIfRolesGrantPermission(teamMember.GetRoles(), permission.Id) {
 			return true
 		}
 	}
 
-	return a.SessionHasPermissionTo(session, permission)
+	return a.CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id)
 }
 
 func (a *App) SessionHasPermissionToChannel(session model.Session, channelId string, permission *model.Permission) bool {
@@ -63,7 +48,7 @@ func (a *App) SessionHasPermissionToChannel(session model.Session, channelId str
 		ids := cmcresult.Data.(map[string]string)
 		if roles, ok := ids[channelId]; ok {
 			channelRoles = strings.Fields(roles)
-			if CheckIfRolesGrantPermission(channelRoles, permission.Id) {
+			if a.CheckIfRolesGrantPermission(channelRoles, permission.Id) {
 				return true
 			}
 		}
@@ -84,7 +69,7 @@ func (a *App) SessionHasPermissionToChannelByPost(session model.Session, postId
 	if result := <-a.Srv.Store.Channel().GetMemberForPost(postId, session.UserId); result.Err == nil {
 		channelMember = result.Data.(*model.ChannelMember)
 
-		if CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) {
+		if a.CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) {
 			return true
 		}
 	}
@@ -134,7 +119,7 @@ func (a *App) HasPermissionTo(askingUserId string, permission *model.Permission)
 
 	roles := user.GetRoles()
 
-	return CheckIfRolesGrantPermission(roles, permission.Id)
+	return a.CheckIfRolesGrantPermission(roles, permission.Id)
 }
 
 func (a *App) HasPermissionToTeam(askingUserId string, teamId string, permission *model.Permission) bool {
@@ -149,7 +134,7 @@ func (a *App) HasPermissionToTeam(askingUserId string, teamId string, permission
 
 	roles := teamMember.GetRoles()
 
-	if CheckIfRolesGrantPermission(roles, permission.Id) {
+	if a.CheckIfRolesGrantPermission(roles, permission.Id) {
 		return true
 	}
 
@@ -164,7 +149,7 @@ func (a *App) HasPermissionToChannel(askingUserId string, channelId string, perm
 	channelMember, err := a.GetChannelMember(channelId, askingUserId)
 	if err == nil {
 		roles := channelMember.GetRoles()
-		if CheckIfRolesGrantPermission(roles, permission.Id) {
+		if a.CheckIfRolesGrantPermission(roles, permission.Id) {
 			return true
 		}
 	}
@@ -183,7 +168,7 @@ func (a *App) HasPermissionToChannelByPost(askingUserId string, postId string, p
 	if result := <-a.Srv.Store.Channel().GetMemberForPost(postId, askingUserId); result.Err == nil {
 		channelMember = result.Data.(*model.ChannelMember)
 
-		if CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) {
+		if a.CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) {
 			return true
 		}
 	}
@@ -208,9 +193,9 @@ func (a *App) HasPermissionToUser(askingUserId string, userId string) bool {
 	return false
 }
 
-func CheckIfRolesGrantPermission(roles []string, permissionId string) bool {
+func (a *App) CheckIfRolesGrantPermission(roles []string, permissionId string) bool {
 	for _, roleId := range roles {
-		if role, ok := model.BuiltInRoles[roleId]; !ok {
+		if role := a.Role(roleId); role == nil {
 			l4g.Debug("Bad role in system " + roleId)
 			return false
 		} else {
author	Chris <ccbrown112@gmail.com>	2017-11-21 13:08:32 -0600
committer	Christopher Speller <crspeller@gmail.com>	2017-11-21 11:08:32 -0800
commit	816a30397da6ceff836d8723233dc5cdbda70871 (patch)
tree	d9075e04c6570296cea924b97088839f49d6ce9d /app/authorization.go
parent	01e652ed481ed0ef0a8d8c021751655c1a58dd2a (diff)
download	chat-816a30397da6ceff836d8723233dc5cdbda70871.tar.gz chat-816a30397da6ceff836d8723233dc5cdbda70871.tar.bz2 chat-816a30397da6ceff836d8723233dc5cdbda70871.zip