change permissions under the hood

6 years ago · a8a366f3d2
parent 6ef2fea691
commit a8a366f3d2
2 changed files with 48 additions and 73 deletions
--- a/src/wanijo/schema/domain.clj
+++ b/src/wanijo/schema/domain.clj
@ -117,75 +117,50 @@
   schema))
 (neo4j/defquery
-  assigned-read-users
+  assigned-users
-  "MATCH (s:schema)-[:read]-(u:user)
+  "MATCH (s:schema)-[p:permission]-(u:user)
   WHERE s.uuid = {uuid}
-   RETURN u
+   RETURN u, p
   ORDER BY u.ident")
-(defn assigned-read-users! [uuid]
+(defn assigned-users! [uuid]
-  (map :u
+  (neo4j/exec-query!
-       (neo4j/exec-query!
+   assigned-users
-        assigned-read-users
+   {:uuid uuid}))
        {:uuid uuid})))
 (neo4j/defquery
  assigned-write-users
  "MATCH (s:schema)-[:write]-(u:user)
   WHERE s.uuid = {uuid}
   RETURN u
   ORDER BY u.ident")
 (defn assigned-write-users! [uuid]
  (map :u
       (neo4j/exec-query!
        assigned-write-users
        {:uuid uuid})))
 (defn find-with-assigned-users! [uuid]
-  (assoc (find-by-uuid! uuid)
+  (let [assigned (reduce #(case (-> %2 :p :type)
-         :assigned-read-users (map :uuid (assigned-read-users! uuid))
+                            "write" (update %1 :write conj (-> %2 :u :uuid))
-         :assigned-write-users (map :uuid (assigned-write-users! uuid))))
+                            "read" (update %1 :read conj (-> %2 :u :uuid))
-
+                            %1)
-(neo4j/defquery
+                         {:write []
-  remove-read-assignments
+                          :read []}
-  "MATCH (s:schema)-[c:read]-(:user)
+                         (assigned-users! uuid))]
-   WHERE s.uuid = {uuid}
+    (assoc (find-by-uuid! uuid)
-   DELETE c")
+           :assigned-read-users (:read assigned)
           :assigned-write-users (:write assigned))))
 (neo4j/defquery
-  create-read-assignments
+  remove-assignments
-  "MATCH (s:schema), (u:user)
+  "MATCH (s:schema)-[c:permission]-(:user)
   WHERE s.uuid = {uuid}
     AND u.uuid IN {users}
   CREATE (s)<-[:read]-(u)")
 (neo4j/defquery
  remove-write-assignments
  "MATCH (s:schema)-[c:write]-(:user)
   WHERE s.uuid = {uuid}
     AND c.type = {permtype}
   DELETE c")
 (neo4j/defquery
-  create-write-assignments
+  create-assignments
  "MATCH (s:schema), (u:user)
   WHERE s.uuid = {uuid}
     AND u.uuid IN {users}
-   CREATE (s)<-[:write]-(u)")
+   CREATE (s)<-[:permission{type:{permtype}}]-(u)")
 (defn assign-users! [uuid users permission]
-  (if (= permission "write")
+  (neo4j/exec-query!
-    (do (neo4j/exec-query!
+   remove-assignments
-         remove-write-assignments
+   {:uuid uuid
-         {:uuid uuid})
+    :permtype permission})
-        (neo4j/exec-query!
+  (neo4j/exec-query!
-         create-write-assignments
+   create-assignments
-         {:uuid uuid
+   {:uuid uuid
-          :users users}))
+    :users users
-    (do (neo4j/exec-query!
+    :permtype permission}))
         remove-read-assignments
         {:uuid uuid})
        (neo4j/exec-query!
         create-read-assignments
         {:uuid uuid
          :users users}))))
--- a/src/wanijo/schema/view.clj
+++ b/src/wanijo/schema/view.clj
@ -75,6 +75,23 @@
    (hform/form-to [:post (path :schema-edit)]
                   (form/render-widgets form schema req)
                   (hform/submit-button "Edit"))
    [:h2 "Permissions"]
    [:h3 "Read permissions"]
    (hform/form-to [:post (path :schema-assign)]
                   (form/render-widgets assign-form
                                        (assoc schema :assigned
                                               (:assigned-read-users schema))
                                        req)
                   (hform/hidden-field "permission" "read")
                   (hform/submit-button "Assign"))
    [:h3 "Write permissions"]
    (hform/form-to [:post (path :schema-assign)]
                   (form/render-widgets assign-form
                                        (assoc schema :assigned
                                               (:assigned-write-users schema))
                                        req)
                   (hform/hidden-field "permission" "write")
                   (hform/submit-button "Assign"))
    [:h2 "Attributes"]
    [:ul.schema-attributes
     (for [attr attrs]
@ -93,23 +110,6 @@
                   (form/render-widgets attr-form {} req)
                   (hform/hidden-field "schema" (:uuid schema))
                   (hform/submit-button "Create"))
    [:h2 "Permissions"]
    [:h3 "Read permissions"]
    (hform/form-to [:post (path :schema-assign)]
                   (form/render-widgets assign-form
                                        (assoc schema :assigned
                                               (:assigned-read-users schema))
                                        req)
                   (hform/hidden-field "permission" "read")
                   (hform/submit-button "Assign"))
    [:h3 "Write permissions"]
    (hform/form-to [:post (path :schema-assign)]
                   (form/render-widgets assign-form
                                        (assoc schema :assigned
                                               (:assigned-write-users schema))
                                        req)
                   (hform/hidden-field "permission" "write")
                   (hform/submit-button "Assign"))
    [:h2 "Actions"]
    (hform/form-to {:class "inline"}
                   [:delete (path :schema-delete schema)]