Skip to content
Snippets Groups Projects
Commit d653688a authored by Petar Hristov's avatar Petar Hristov :speech_balloon: Committed by Sandra Westerhoff
Browse files

New: Added Guest Role

parent b0d58c8b
No related branches found
No related tags found
1 merge request!130New: Added Guest Role
......@@ -84,7 +84,10 @@ namespace Coscine.Api.Resources.Controllers
{
var resource = _resourceModel.GetById(id);
var user = _authenticator.GetUser();
if (_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: View Resource (RCV, Metadatamanager)
if (_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member, UserRoles.Guest))
{
_resourceModel.SetType(resource);
......@@ -137,6 +140,8 @@ namespace Coscine.Api.Resources.Controllers
{
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: Change Resource Settings
if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
(_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
{
......@@ -183,6 +188,8 @@ namespace Coscine.Api.Resources.Controllers
var resource = _resourceModel.GetById(id);
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: Change Resource Settings
if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
(_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
{
......@@ -228,6 +235,8 @@ namespace Coscine.Api.Resources.Controllers
var resource = _resourceModel.GetById(id);
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: Change Resource Settings
if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
(_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
{
......@@ -285,6 +294,8 @@ namespace Coscine.Api.Resources.Controllers
return Unauthorized("Access denied!");
}
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: Create Resource
if (projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
{
if (!resourceType.Enabled.HasValue || !resourceType.Enabled.Value)
......
......@@ -64,9 +64,11 @@ namespace Coscine.Api.Resources.Controllers
var projectId = _projectResourceModel.GetWhere(x => x.ResourceId == id).ProjectId;
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Settings (project, user, quota)
if (!_projectModel.HasAccess(_authenticator.GetUser(), projectId, UserRoles.Owner, UserRoles.Member) && resource.Creator != _authenticator.GetUser().Id)
{
return Unauthorized("The user is not authorized to perform a get on the selected project!");
return Unauthorized("The user is not authorized to view resource quotas on the selected project!");
}
var displayName = _resourceTypeModel.GetById(resource.TypeId).DisplayName;
......@@ -100,6 +102,8 @@ namespace Coscine.Api.Resources.Controllers
var projectId = _projectResourceModel.GetWhere(x => x.ResourceId == id).ProjectId;
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (!_projectModel.HasAccess(user, projectId, UserRoles.Owner) && resource.Creator != _authenticator.GetUser().Id)
{
return Unauthorized("The user is not authorized to perform a get on the selected project!");
......
using System;
namespace Coscine.Api.Resources.ParameterObjects;
namespace Coscine.Api.Resources.ParameterObjects;
/// <summary>
/// Parameter object containing the update information.
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment