diff --git a/lib/core/services/content.service.spec.ts b/lib/core/services/content.service.spec.ts index 90847ec36d..ab54832f91 100644 --- a/lib/core/services/content.service.spec.ts +++ b/lib/core/services/content.service.spec.ts @@ -139,34 +139,45 @@ describe('ContentService', () => { }); it('should havePermission be true if permissions is present and you have the permission for the request operation', () => { - const permissionNode = new Node({ permissions: { locallySet: [{ name: 'manager' }, { name: 'collaborator' }, { name: 'consumer' }] } }); + const permissionNode = new Node({ permissions: { locallySet: [{ name: 'manager', authorityId: 'user1' }, { name: 'collaborator', authorityId: 'user2' }, { name: 'consumer', authorityId: 'user3' }] } }); - expect(contentService.hasPermissions(permissionNode, 'manager')).toBeTruthy(); + expect(contentService.hasPermissions(permissionNode, 'manager', 'user1')).toBeTruthy(); }); it('should havePermission be false if permissions is present but you don\'t have the permission for the request operation', () => { - const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator' }, { name: 'consumer' }] } }); - expect(contentService.hasPermissions(permissionNode, 'manager')).toBeFalsy(); + const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator', authorityId: 'user1' }, { name: 'consumer', authorityId: 'user2' }] } }); + expect(contentService.hasPermissions(permissionNode, 'manager', 'user1')).toBeFalsy(); }); it('should havePermission works in the opposite way with negate value', () => { - const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator' }, { name: 'consumer' }] } }); - expect(contentService.hasPermissions(permissionNode, '!manager')).toBeTruthy(); + const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator', authorityId: 'user1' }, { name: 'consumer', authorityId: 'user2' }] } }); + expect(contentService.hasPermissions(permissionNode, '!manager', 'user1')).toBeTruthy(); }); it('should havePermission return false if no permission parameter are passed', () => { - const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator' }, { name: 'consumer' }] } }); - expect(contentService.hasPermissions(permissionNode, null)).toBeFalsy(); + const permissionNode = new Node({ permissions: { locallySet: [{ name: 'collaborator', authorityId: 'user1' }, { name: 'consumer', authorityId: 'user2' }] } }); + expect(contentService.hasPermissions(permissionNode, null, 'user1')).toBeFalsy(); }); it('should havePermission return true if the permissions is empty and the permission to check is Consumer', () => { const permissionNode = new Node({ permissions: [] }); - expect(contentService.hasPermissions(permissionNode, 'Consumer')).toBeTruthy(); + expect(contentService.hasPermissions(permissionNode, 'Consumer', 'user1')).toBeTruthy(); }); it('should havePermission return false if the permissions is empty and the permission to check is not Consumer', () => { const permissionNode = new Node({ permissions: [] }); - expect(contentService.hasPermissions(permissionNode, '!Consumer')).toBeFalsy(); + expect(contentService.hasPermissions(permissionNode, '!Consumer', 'user1')).toBeFalsy(); + }); + + it('should havePermission be true if inherited permissions is present and you have the permission for the request operation', () => { + const permissionNode = new Node({ permissions: { inherited: [{ name: 'manager', authorityId: 'user1' }, { name: 'collaborator', authorityId: 'user2' } ] } }); + expect(contentService.hasPermissions(permissionNode, 'manager', 'user1')).toBeTruthy(); + }); + + it('should take current logged user id if userId undefined ', () => { + spyOn(authService, 'getEcmUsername').and.returnValue('user1'); + const permissionNode = new Node({ permissions: { inherited: [{ name: 'manager', authorityId: 'user1' }, { name: 'collaborator', authorityId: 'user2' } ] } }); + expect(contentService.hasPermissions(permissionNode, 'manager')).toBeTruthy(); }); }); }); diff --git a/lib/core/services/content.service.ts b/lib/core/services/content.service.ts index 5e7613e718..2cfb5243d5 100644 --- a/lib/core/services/content.service.ts +++ b/lib/core/services/content.service.ts @@ -152,16 +152,20 @@ export class ContentService { * Checks if the user has permission on that node * @param node Node to check permissions * @param permission Required permission type + * @param userId Optional current user id will be taken by default * @returns True if the user has the required permissions, false otherwise */ - hasPermissions(node: Node, permission: PermissionsEnum | string): boolean { + hasPermissions(node: Node, permission: PermissionsEnum | string, userId?: string): boolean { let hasPermissions = false; + userId = userId ?? this.authService.getEcmUsername(); - if (node && node.permissions && node.permissions.locallySet) { + const permissions = [ ...(node.permissions?.locallySet || []), ...(node.permissions?.inherited || []) ] + .filter((currentPermission) => currentPermission.authorityId === userId); + if (permissions.length) { if (permission && permission.startsWith('!')) { - hasPermissions = node.permissions.locallySet.find((currentPermission) => currentPermission.name === permission.replace('!', '')) ? false : true; + hasPermissions = permissions.find((currentPermission) => currentPermission.name === permission.replace('!', '')) ? false : true; } else { - hasPermissions = node.permissions.locallySet.find((currentPermission) => currentPermission.name === permission) ? true : false; + hasPermissions = permissions.find((currentPermission) => currentPermission.name === permission) ? true : false; } } else {