Browse Source

refactor(nc-gui): improved comments for acl

pull/6399/head
mertmit 1 year ago
parent
commit
06cc899c82
  1. 11
      packages/nc-gui/lib/constants.ts

11
packages/nc-gui/lib/constants.ts

@ -114,12 +114,19 @@ const rolePermissions = {
}, },
} as Record<OrgUserRoles | ProjectRoles, Perm | '*'> } as Record<OrgUserRoles | ProjectRoles, Perm | '*'>
// validate no duplicate permissions within same scope
/* /*
We inherit include permissions from previous roles in the same scope (role order) We inherit include permissions from previous roles in the same scope (role order)
We inherit exclude permissions from previous roles in the same scope (reverse role order)
To determine role order, we use `roleScopes` object To determine role order, we use `roleScopes` object
So for example ProjectRoles.COMMENTER has `commentEdit` permission,
which means ProjectRoles.EDITOR, ProjectRoles.CREATOR, ProjectRoles.OWNER will also have `commentEdit` permission
where as ProjectRoles.VIEWER, ProjectRoles.NO_ACCESS will not have `commentEdit` permission.
This is why we are validating that there are no duplicate permissions within the same scope
even though it is not required for the code to work. It is to keep the code clean and easy to understand.
*/ */
// validate no duplicate permissions within same scope
Object.values(roleScopes).forEach((roles) => { Object.values(roleScopes).forEach((roles) => {
const scopePermissions: Record<string, boolean> = {} const scopePermissions: Record<string, boolean> = {}
const duplicates: string[] = [] const duplicates: string[] = []

Loading…
Cancel
Save