change permissions under the hood

integration-tests
Josha von Gizycki 6 years ago
parent 6ef2fea691
commit a8a366f3d2

@ -117,75 +117,50 @@
schema)) schema))
(neo4j/defquery (neo4j/defquery
assigned-read-users assigned-users
"MATCH (s:schema)-[:read]-(u:user) "MATCH (s:schema)-[p:permission]-(u:user)
WHERE s.uuid = {uuid} WHERE s.uuid = {uuid}
RETURN u RETURN u, p
ORDER BY u.ident") ORDER BY u.ident")
(defn assigned-read-users! [uuid] (defn assigned-users! [uuid]
(map :u
(neo4j/exec-query! (neo4j/exec-query!
assigned-read-users assigned-users
{:uuid uuid}))) {:uuid uuid}))
(neo4j/defquery
assigned-write-users
"MATCH (s:schema)-[:write]-(u:user)
WHERE s.uuid = {uuid}
RETURN u
ORDER BY u.ident")
(defn assigned-write-users! [uuid]
(map :u
(neo4j/exec-query!
assigned-write-users
{:uuid uuid})))
(defn find-with-assigned-users! [uuid] (defn find-with-assigned-users! [uuid]
(let [assigned (reduce #(case (-> %2 :p :type)
"write" (update %1 :write conj (-> %2 :u :uuid))
"read" (update %1 :read conj (-> %2 :u :uuid))
%1)
{:write []
:read []}
(assigned-users! uuid))]
(assoc (find-by-uuid! uuid) (assoc (find-by-uuid! uuid)
:assigned-read-users (map :uuid (assigned-read-users! uuid)) :assigned-read-users (:read assigned)
:assigned-write-users (map :uuid (assigned-write-users! uuid)))) :assigned-write-users (:write assigned))))
(neo4j/defquery
remove-read-assignments
"MATCH (s:schema)-[c:read]-(:user)
WHERE s.uuid = {uuid}
DELETE c")
(neo4j/defquery (neo4j/defquery
create-read-assignments remove-assignments
"MATCH (s:schema), (u:user) "MATCH (s:schema)-[c:permission]-(:user)
WHERE s.uuid = {uuid}
AND u.uuid IN {users}
CREATE (s)<-[:read]-(u)")
(neo4j/defquery
remove-write-assignments
"MATCH (s:schema)-[c:write]-(:user)
WHERE s.uuid = {uuid} WHERE s.uuid = {uuid}
AND c.type = {permtype}
DELETE c") DELETE c")
(neo4j/defquery (neo4j/defquery
create-write-assignments create-assignments
"MATCH (s:schema), (u:user) "MATCH (s:schema), (u:user)
WHERE s.uuid = {uuid} WHERE s.uuid = {uuid}
AND u.uuid IN {users} AND u.uuid IN {users}
CREATE (s)<-[:write]-(u)") CREATE (s)<-[:permission{type:{permtype}}]-(u)")
(defn assign-users! [uuid users permission] (defn assign-users! [uuid users permission]
(if (= permission "write")
(do (neo4j/exec-query!
remove-write-assignments
{:uuid uuid})
(neo4j/exec-query! (neo4j/exec-query!
create-write-assignments remove-assignments
{:uuid uuid {:uuid uuid
:users users})) :permtype permission})
(do (neo4j/exec-query!
remove-read-assignments
{:uuid uuid})
(neo4j/exec-query! (neo4j/exec-query!
create-read-assignments create-assignments
{:uuid uuid {:uuid uuid
:users users})))) :users users
:permtype permission}))

@ -75,6 +75,23 @@
(hform/form-to [:post (path :schema-edit)] (hform/form-to [:post (path :schema-edit)]
(form/render-widgets form schema req) (form/render-widgets form schema req)
(hform/submit-button "Edit")) (hform/submit-button "Edit"))
[:h2 "Permissions"]
[:h3 "Read permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-read-users schema))
req)
(hform/hidden-field "permission" "read")
(hform/submit-button "Assign"))
[:h3 "Write permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-write-users schema))
req)
(hform/hidden-field "permission" "write")
(hform/submit-button "Assign"))
[:h2 "Attributes"] [:h2 "Attributes"]
[:ul.schema-attributes [:ul.schema-attributes
(for [attr attrs] (for [attr attrs]
@ -93,23 +110,6 @@
(form/render-widgets attr-form {} req) (form/render-widgets attr-form {} req)
(hform/hidden-field "schema" (:uuid schema)) (hform/hidden-field "schema" (:uuid schema))
(hform/submit-button "Create")) (hform/submit-button "Create"))
[:h2 "Permissions"]
[:h3 "Read permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-read-users schema))
req)
(hform/hidden-field "permission" "read")
(hform/submit-button "Assign"))
[:h3 "Write permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-write-users schema))
req)
(hform/hidden-field "permission" "write")
(hform/submit-button "Assign"))
[:h2 "Actions"] [:h2 "Actions"]
(hform/form-to {:class "inline"} (hform/form-to {:class "inline"}
[:delete (path :schema-delete schema)] [:delete (path :schema-delete schema)]

Loading…
Cancel
Save