feature: api delete for root documents #25
Conversation
|
As far as I can tell, this PR includes changes from the other three that are currently open. It is probably best to review this one once the others are merged. :) |
...ations/20241118183039_fix_shared_access_in_view__all_document_user_permissions/migration.sql
Show resolved
Hide resolved
There was a problem hiding this comment.
This is not needed to be reviewed, since a second migration of the view was needed ;)
| CASE | ||
| WHEN documents.author_id = rup.user_id THEN rup.access | ||
| WHEN document_roots.shared_access = 'RO_DocumentRoot' THEN 'RO_User' | ||
| WHEN document_roots.shared_access = 'RW_DocumentRoot' THEN 'RW_User' | ||
| ELSE document_roots.shared_access | ||
| END AS access, |
There was a problem hiding this comment.
Added: Distinguish between own and shared documents
| ( | ||
| rup.access >= document_roots.shared_access | ||
| AND document_roots.shared_access != 'None_DocumentRoot' | ||
| ) |
There was a problem hiding this comment.
+: ensure the shared_access is not None
| CASE | ||
| WHEN document_roots.shared_access = 'RO_DocumentRoot' THEN 'RO_StudentGroup' | ||
| WHEN document_roots.shared_access = 'RW_DocumentRoot' THEN 'RW_StudentGroup' | ||
| ELSE document_roots.shared_access | ||
| END AS access, |
There was a problem hiding this comment.
+: same for group based access
| ON ( | ||
| document_roots.id=rgp.document_root_id | ||
| AND rgp.access >= document_roots.shared_access | ||
| AND document_roots.shared_access != 'None_DocumentRoot' | ||
| ) |
There was a problem hiding this comment.
+: and here aswell, don't provide None Access
| if (isAdmin) { | ||
| return true; | ||
| } |
There was a problem hiding this comment.
Huch, shouldn't admins be checked through the guard too!?
There was a problem hiding this comment.
This is ringing a bell now... I think we decided that admins should just be able to do whatever they want - but I don't think this was a great decision back then :D
There was a problem hiding this comment.
Now this actually means something, too 😆
Fix: correctly provide documents when shared access was granted
The sharing-model was not fully implemented and in #23 a bug was introduced, where the user-access had precedence over the the shared permission in case the root access was None.
Fix: ensure the route-guard is applied for admins too!
We somehow introduced that admin access is not checked by the route guard. (Maybe for debugging purpose?) I added a logger option for development to display route-guard infos
Fix/Feature: notify users when new a new document root is created
When dynamic doc roots are created, users must be notified...
Feature: api delete for root documents
When a root document is dynamically generated, an admin should be able to delete it again.
This is needed for GBSL-Informatik/teaching-dev#47