Skip to content

Commit

Permalink
feat: add permission to edit basic info and fixed the bug of incorrec…
Browse files Browse the repository at this point in the history
…t display of group fields
  • Loading branch information
moonrailgun committed Nov 24, 2023
1 parent 64c0977 commit 5d69b32
Show file tree
Hide file tree
Showing 4 changed files with 35 additions and 8 deletions.
8 changes: 8 additions & 0 deletions client/shared/utils/role-helper.ts
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ export const PERMISSION = {
unlimitedInvite: 'core.unlimitedInvite',
editInvite: 'core.editInvite',
groupDetail: 'core.groupDetail',
groupBaseInfo: 'core.groupBaseInfo',
groupConfig: 'core.groupConfig',
manageUser: 'core.manageUser',
managePanel: 'core.managePanel',
Expand Down Expand Up @@ -101,6 +102,13 @@ export const getPermissionList = (): PermissionItemType[] => [
desc: t('允许成员查看群组详情'),
default: false,
},
{
key: PERMISSION.core.groupBaseInfo,
title: t('修改群组基本信息'),
desc: t('允许成员修改群组基本信息'),
default: false,
required: [PERMISSION.core.groupDetail],
},
{
key: PERMISSION.core.groupConfig,
title: t('修改群组配置'),
Expand Down
9 changes: 7 additions & 2 deletions client/web/src/components/modals/GroupDetail/Summary.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -11,18 +11,23 @@ import React from 'react';
import { Avatar } from 'tailchat-design';
import {
modifyGroupField,
PERMISSION,
showSuccessToasts,
showToasts,
t,
UploadFileResult,
useAsyncRequest,
useGroupInfo,
useHasGroupPermission,
} from 'tailchat-shared';

export const GroupSummary: React.FC<{
groupId: string;
}> = React.memo(({ groupId }) => {
const groupInfo = useGroupInfo(groupId);
const [hasBaseInfoPermission] = useHasGroupPermission(groupId, [
PERMISSION.core.groupBaseInfo,
]);

const [, handleUpdateGroupName] = useAsyncRequest(
async (newName: string) => {
Expand Down Expand Up @@ -70,7 +75,7 @@ export const GroupSummary: React.FC<{
<FullModalField
title={t('群组名称')}
value={groupInfo.name}
editable={true}
editable={hasBaseInfoPermission}
renderEditor={DefaultFullModalInputEditorRender}
onSave={handleUpdateGroupName}
/>
Expand All @@ -84,7 +89,7 @@ export const GroupSummary: React.FC<{
title={t('群组描述')}
value={groupInfo.description ?? ''}
content={<pre>{groupInfo.description ?? ''}</pre>}
editable={true}
editable={hasBaseInfoPermission}
renderEditor={GroupDescriptionEditorRender}
onSave={handleUpdateGroupDescription}
/>
Expand Down
1 change: 1 addition & 0 deletions server/packages/sdk/src/services/lib/role.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ export const PERMISSION = {
unlimitedInvite: 'core.unlimitedInvite',
editInvite: 'core.editInvite', // 编辑邀请码权限,需要有创建无限制邀请码的权限
groupDetail: 'core.groupDetail',
groupBaseInfo: 'core.groupBaseInfo',
groupConfig: 'core.groupConfig',
manageUser: 'core.manageUser',
managePanel: 'core.managePanel',
Expand Down
25 changes: 19 additions & 6 deletions server/services/core/group/group.service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -425,19 +425,32 @@ class GroupService extends TcService {
throw new EntityError(t('该数据不允许修改'));
}

const [isGroupOwner, hasRolePermission] = await call(
ctx
).checkUserPermissions(groupId, userId, [
const [
isGroupOwner,
hasBaseInfoPermission,
hasRolePermission,
hasManagePanelPermission,
] = await call(ctx).checkUserPermissions(groupId, userId, [
PERMISSION.core.owner,
PERMISSION.core.groupBaseInfo,
PERMISSION.core.manageRoles,
PERMISSION.core.managePanel,
]);

if (fieldName === 'fallbackPermissions') {
if (['roles', 'fallbackPermissions'].includes(fieldName)) {
if (!hasRolePermission) {
throw new NoPermissionError(t('没有操作权限'));
throw new NoPermissionError(t('没有编辑群组身份组权限'));
}
} else if (['name', 'avatar', 'description'].includes(fieldName)) {
if (!hasBaseInfoPermission) {
throw new NoPermissionError(t('没有编辑群组信息权限'));
}
} else if (fieldName === 'panels') {
if (!hasManagePanelPermission) {
throw new NoPermissionError(t('没有编辑群组面板权限'));
}
} else if (!isGroupOwner) {
throw new NoPermissionError(t('不是群组管理员无法编辑'));
throw new NoPermissionError(t('不是群组所有者无法编辑'));
}

const group = await this.adapter.model.findById(groupId).exec();
Expand Down

0 comments on commit 5d69b32

Please sign in to comment.