change permissions under the hood

integration-tests
Josha von Gizycki 6 years ago
parent 6ef2fea691
commit a8a366f3d2

@ -117,75 +117,50 @@
schema))
(neo4j/defquery
assigned-read-users
"MATCH (s:schema)-[:read]-(u:user)
assigned-users
"MATCH (s:schema)-[p:permission]-(u:user)
WHERE s.uuid = {uuid}
RETURN u
RETURN u, p
ORDER BY u.ident")
(defn assigned-read-users! [uuid]
(map :u
(neo4j/exec-query!
assigned-read-users
{:uuid uuid})))
(neo4j/defquery
assigned-write-users
"MATCH (s:schema)-[:write]-(u:user)
WHERE s.uuid = {uuid}
RETURN u
ORDER BY u.ident")
(defn assigned-write-users! [uuid]
(map :u
(neo4j/exec-query!
assigned-write-users
{:uuid uuid})))
(defn assigned-users! [uuid]
(neo4j/exec-query!
assigned-users
{:uuid uuid}))
(defn find-with-assigned-users! [uuid]
(assoc (find-by-uuid! uuid)
:assigned-read-users (map :uuid (assigned-read-users! uuid))
:assigned-write-users (map :uuid (assigned-write-users! uuid))))
(neo4j/defquery
remove-read-assignments
"MATCH (s:schema)-[c:read]-(:user)
WHERE s.uuid = {uuid}
DELETE c")
(let [assigned (reduce #(case (-> %2 :p :type)
"write" (update %1 :write conj (-> %2 :u :uuid))
"read" (update %1 :read conj (-> %2 :u :uuid))
%1)
{:write []
:read []}
(assigned-users! uuid))]
(assoc (find-by-uuid! uuid)
:assigned-read-users (:read assigned)
:assigned-write-users (:write assigned))))
(neo4j/defquery
create-read-assignments
"MATCH (s:schema), (u:user)
WHERE s.uuid = {uuid}
AND u.uuid IN {users}
CREATE (s)<-[:read]-(u)")
(neo4j/defquery
remove-write-assignments
"MATCH (s:schema)-[c:write]-(:user)
remove-assignments
"MATCH (s:schema)-[c:permission]-(:user)
WHERE s.uuid = {uuid}
AND c.type = {permtype}
DELETE c")
(neo4j/defquery
create-write-assignments
create-assignments
"MATCH (s:schema), (u:user)
WHERE s.uuid = {uuid}
AND u.uuid IN {users}
CREATE (s)<-[:write]-(u)")
CREATE (s)<-[:permission{type:{permtype}}]-(u)")
(defn assign-users! [uuid users permission]
(if (= permission "write")
(do (neo4j/exec-query!
remove-write-assignments
{:uuid uuid})
(neo4j/exec-query!
create-write-assignments
{:uuid uuid
:users users}))
(do (neo4j/exec-query!
remove-read-assignments
{:uuid uuid})
(neo4j/exec-query!
create-read-assignments
{:uuid uuid
:users users}))))
(neo4j/exec-query!
remove-assignments
{:uuid uuid
:permtype permission})
(neo4j/exec-query!
create-assignments
{:uuid uuid
:users users
:permtype permission}))

@ -75,6 +75,23 @@
(hform/form-to [:post (path :schema-edit)]
(form/render-widgets form schema req)
(hform/submit-button "Edit"))
[:h2 "Permissions"]
[:h3 "Read permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-read-users schema))
req)
(hform/hidden-field "permission" "read")
(hform/submit-button "Assign"))
[:h3 "Write permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-write-users schema))
req)
(hform/hidden-field "permission" "write")
(hform/submit-button "Assign"))
[:h2 "Attributes"]
[:ul.schema-attributes
(for [attr attrs]
@ -93,23 +110,6 @@
(form/render-widgets attr-form {} req)
(hform/hidden-field "schema" (:uuid schema))
(hform/submit-button "Create"))
[:h2 "Permissions"]
[:h3 "Read permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-read-users schema))
req)
(hform/hidden-field "permission" "read")
(hform/submit-button "Assign"))
[:h3 "Write permissions"]
(hform/form-to [:post (path :schema-assign)]
(form/render-widgets assign-form
(assoc schema :assigned
(:assigned-write-users schema))
req)
(hform/hidden-field "permission" "write")
(hform/submit-button "Assign"))
[:h2 "Actions"]
(hform/form-to {:class "inline"}
[:delete (path :schema-delete schema)]

Loading…
Cancel
Save