package auth
import "github.com/GenerateNU/sac/backend/src/models"
// Permission is the string identifier of a single grantable action, written
// as "<resource>:<action>".
type Permission string

// User management permissions.
const (
	UserRead          Permission = "user:read"
	UserWrite         Permission = "user:write"
	UserDelete        Permission = "user:delete"
	UserManageProfile Permission = "user:manage_profile"
	UserReadAll       Permission = "user:read_all"
)

// Tag management permissions.
const (
	TagRead   Permission = "tag:read"
	TagCreate Permission = "tag:create"
	TagWrite  Permission = "tag:write"
	TagDelete Permission = "tag:delete"
)

// Club management permissions.
const (
	ClubRead            Permission = "club:read"
	ClubCreate          Permission = "club:create"
	ClubWrite           Permission = "club:write"
	ClubDelete          Permission = "club:delete"
	ClubManageMembers   Permission = "club:manage_members"
	ClubManageFollowers Permission = "club:manage_followers"
)

// Point-of-contact management permissions.
const (
	PointOfContactRead   Permission = "pointOfContact:read"
	PointOfContactCreate Permission = "pointOfContact:create"
	PointOfContactWrite  Permission = "pointOfContact:write"
	PointOfContactDelete Permission = "pointOfContact:delete"
)

// Comment management permissions.
const (
	CommentRead   Permission = "comment:read"
	CommentCreate Permission = "comment:create"
	CommentWrite  Permission = "comment:write"
	CommentDelete Permission = "comment:delete"
)

// Event management permissions.
const (
	EventRead        Permission = "event:read"
	EventCreate      Permission = "event:create"
	EventWrite       Permission = "event:write"
	EventDelete      Permission = "event:delete"
	EventManageRSVPs Permission = "event:manage_rsvps"
)

// Contact management permissions.
const (
	ContactRead   Permission = "contact:read"
	ContactCreate Permission = "contact:create"
	ContactWrite  Permission = "contact:write"
	ContactDelete Permission = "contact:delete"
)

// Category management permissions.
const (
	CategoryRead   Permission = "category:read"
	CategoryCreate Permission = "category:create"
	CategoryWrite  Permission = "category:write"
	CategoryDelete Permission = "category:delete"
)

// Notification management permissions.
const (
	NotificationRead   Permission = "notification:read"
	NotificationCreate Permission = "notification:create"
	NotificationWrite  Permission = "notification:write"
	NotificationDelete Permission = "notification:delete"
)

// Global permissions under the "all" resource name (for convenience).
//
// NOTE(review): nothing in this file shows how these are evaluated. Confirm
// whether the permission check treats them as wildcards over every resource
// or compares them as ordinary strings.
const (
	ReadAll   Permission = "all:read"
	CreateAll Permission = "all:create"
	WriteAll  Permission = "all:write"
	DeleteAll Permission = "all:delete"
)
// rolePermissions is the static table of permissions granted to each user
// role. A role with no entry yields a nil slice on lookup, so an unknown role
// is granted nothing.
var rolePermissions = map[models.UserRole][]Permission{
	// Super lists every Permission constant of this package explicitly. A
	// newly declared permission is not granted to Super until it is added
	// here.
	models.Super: {
		UserRead, UserWrite, UserDelete, UserManageProfile, UserReadAll,
		TagRead, TagCreate, TagWrite, TagDelete,
		ClubRead, ClubCreate, ClubWrite, ClubDelete, ClubManageMembers, ClubManageFollowers,
		PointOfContactRead, PointOfContactCreate, PointOfContactWrite, PointOfContactDelete,
		CommentRead, CommentCreate, CommentWrite, CommentDelete,
		EventRead, EventCreate, EventWrite, EventDelete, EventManageRSVPs,
		ContactRead, ContactCreate, ContactWrite, ContactDelete,
		CategoryRead, CategoryCreate, CategoryWrite, CategoryDelete,
		NotificationRead, NotificationCreate, NotificationWrite, NotificationDelete,
		ReadAll, CreateAll, WriteAll, DeleteAll,
	},
	// Student holds read permissions plus UserManageProfile and
	// CommentCreate; no write or delete permission and no "all:*"
	// permission appears in this list.
	models.Student: {
		UserRead,
		UserManageProfile,
		TagRead,
		ClubRead,
		EventRead,
		CommentRead,
		CommentCreate,
		ContactRead,
		PointOfContactRead,
		NotificationRead,
	},
}
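// GetPermissions returns the permissions granted to role, or nil when the
// role has no entry in rolePermissions.
//
// The result is a fresh copy. Returning the stored slice would hand every
// caller a view of the package-level table's backing array, so an assignment
// such as perms[0] = DeleteAll in one caller would silently change what the
// role is granted for the rest of the process.
func GetPermissions(role models.UserRole) []Permission {
	granted, ok := rolePermissions[role]
	if !ok {
		// Unknown role: keep the deny-by-default nil result.
		return nil
	}

	out := make([]Permission, len(granted))
	copy(out, granted)
	return out
}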