b0esche/b0esche_cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
20bc0ac7575b58415c2833a2358c2fde59fc95a6
b0esche_cloud/go_cloud/internal/permission/permission.go
Leon Bösche 20bc0ac757 Implement complete Organizations feature with RBAC 
- Add owner/admin/member roles with proper permissions
- Implement invite links and join requests system
- Add organization settings dialog with member management
- Create database migrations for invitations and invite links
- Update backend API with org management endpoints
- Fix compilation errors and audit logging
- Update frontend models and API integration
2026-01-23 23:21:23 +01:00

48 lines
1.1 KiB
Go
Raw Blame History

package permission
import (
"context"
"fmt"
"go.b0esche.cloud/backend/internal/database"
"github.com/google/uuid"
)
type Permission string
const (
FileRead Permission = "file.read"
FileWrite Permission = "file.write"
FileDelete Permission = "file.delete"
DocumentView Permission = "document.view"
DocumentEdit Permission = "document.edit"
OrgManage Permission = "org.manage"
)
var rolePermissions = map[string][]Permission{
"owner": {FileRead, FileWrite, FileDelete, DocumentView, DocumentEdit, OrgManage},
"admin": {FileRead, FileWrite, FileDelete, DocumentView, DocumentEdit},
"member": {FileRead, DocumentView},
}
// HasPermission checks if user has permission in org
func HasPermission(ctx context.Context, db *database.DB, userID, orgID uuid.UUID, perm Permission) (bool, error) {
membership, err := db.GetUserMembership(ctx, userID, orgID)
if err != nil {
return false, err
}
perms, ok := rolePermissions[membership.Role]
if !ok {
return false, fmt.Errorf("unknown role: %s", membership.Role)
}
for _, p := range perms {
if p == perm {
return true, nil
}
}
return false, nil
}
Reference in New Issue View Git Blame Copy Permalink