Giter Site home page Giter Site logo

cozy-clearance's Introduction

cozy-clearance

Helper package to manage clearances in cozy. This package include two parts:

  • server side
  • client side

Usage : Server Side

Base Module

documentation

clearance = require 'cozy-clearance'

details  = {email:"[email protected]", contactid:"3615", any:"other field"}
details2 = {email:"[email protected]", contactid:"3616", any:"other field"}

The clearance.add function allows you to add a rule to a model

clearance.add someModel, 'rw', details, (err) ->
    clearance.add someModel, 'r', details2, (err) ->
        console.log someModel.clearance
# [
#     {email:"[email protected]", contactid:"3615", any:"other field", key:"secret", perm:"rw"}
#     {email:"[email protected]", contactid:"3616", any:"other field", key:"secret2", perm:"rw"}
# ]

The clearance.check function allows you to check a request against the model. It looks for the key in the request's querystring The callback is called with the matching rule if found, false otherwise

req.query.key = "secret"
clearance.check someModel, 'r', req, (err, rule) ->
    # rule == {email:"[email protected]", contactid:"3615", any:"other field", key:"secret", perm:"rw"}

clearance.check someModel, 'w', req, (err, rule) ->
    # rule == false, steve doesn't have the 'w' permission

The clearance.revoke function allows you to revoke a rule for the model. All rules matching the given object will be revoked

clearance.revoke someModel, {email:"[email protected]"}, (err) ->
    console.log someModel.clearance
    # [{email:"[email protected]", contactid:"3616", any:"other field", key:"secret2", perm:"rw"}]

# or

clearance.revoke someModel, {any:"other field"}, (err) ->
    console.log someModel.clearance
    # []

Controller :

To use the client side of cozy-clearance, you will need to expose some of the controller's routes.

# in routes.coffee
clearance = require 'cozy-clearance'

# use mailSubject & mailTemplate functions to customize the sent mail.
clearanceCtl = clearance.controller
    mailSubject: (options) -> # options.doc , options.url
    mailTemplate: (options) -> # options.doc , options.url
    attachments: optional array of attachments

'docid':
    param: # fetch and save in req.doc
'clearance/contacts':
    get: clearanceCtl.contactList
'clearance/contacts/:contactid':
    get: clearanceCtl.contact
'clearance/contacts/:contactid.jpg':
    get: sharing.contactPicture
'clearance/:docid'
    put: clearanceCtl.change
'clearance/:docid/send':
    post: clearanceCtl.sendAll

Usage : Client Side

Your client side environement should include the following :

  • a global require & require.define, following the commonjs convention (like brunch)
  • a global t function that handles translations

Include the file client-build.js or client-build.min.js in your vendor/scripts folder and use it like this :

CozyClearanceModal = require 'cozy-clearance/modal_share_view'
new CozyClearanceModal model: someModel

You can override some methods :

class YourModalView extends CozyClearanceModal

    # change the permissions method to add possible permissions
    permissions: ->
        'r': 'see this'
        'rw': 'see and edit'
        'rwy': 'see, edit and do Y'
        'rwz': 'see, edit and do Z'
        # note : list all possible combinations, here, you can't have both Y & Z permissions

See cozy-files for heavy customization.

The contactCollection can be plugged to your app's realtime :

contactCollection = require 'cozy-clearance/contact_collection'
socketListener.process = (event) ->
   {doctype, operation, id} = event
   # ...
   contactCollection.handleRealtimeContactEvent event

Locales

The client-side library use the following locale keys:

  • "cancel"
  • "confirm"
  • "copy paste link"
  • "mail not send"
  • "modal error"
  • "modal ok"
  • "modal question " + type + " shareable"
  • "modal send mails
  • "modal shared " + type + " custom msg"
  • "modal shared public link msg"
  • "modal shared with people msg"
  • "no forgot"
  • "no"
  • "only you can see"
  • "perm"
  • "private"
  • "r"
  • "revoke"
  • "save"
  • "see link"
  • "send email hint"
  • "send mails question"
  • "server error occured"
  • "share confirm save"
  • "share forgot add"
  • "shared"
  • "sharing"
  • "yes forgot"
  • "yes"

Contribute

Use coffeegulp to build the client side.

Use npm run build to build the server side

use npm test to run tests

cozy-clearance's People

Contributors

aenario avatar clochix avatar cylwin avatar jsilvestre avatar lapalice avatar m4dz avatar nono avatar poupotte avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

cozy-labs frankrousseau m4dz cylwin nono poupotte decentralized-sharing-working-group

cozy-clearance's Issues

Might be broken with npm3

This part of the code will break with npm3 :

cozy-clearance/controller.coffee

Lines 29 to 31 in de94b23

CozyAdapter = try require 'americano-cozy/node_modules/' + \
'jugglingdb-cozy-adapter'
catch e then require 'jugglingdb-cozy-adapter'

We can fix it, or we can delete it if all apps now use cozydb.

Email is not sent when sharing with someone

(I experience this in cozy-files)

When I add someone to the share list and that I "save" then click "Ok" to send emails, no emails are sent.

It might come from my Cozy, though.

Adding a TTL to clearances

How would you feel about adding a TTL to clearances? The idea would be to share a document for a period of time.

Use cases:

  • sharing ephemeral content (hot topic at the moment)
  • reducing privacy concerns

Clearance disclosed in share links

In the share links from Photos and Files,
we have access via the source to all the contacts associated with the current share :
this includes emails, permissions and keys.

It looks like a bad practice.

Debug list

Hi,

I met several problems that should be fixed or at least mentioned in the documentation:

  • Translations are not there by default
  • The modal requires to be extended that way:
class ShareModal extends CozyClearanceModal
    initialize: ->
        super
        @refresh()
  • The model should have a .getPublicUrl method (on server side too).
  • The model requires two attributes: clearance and type (on server side too).
@model.set 'clearance', []
@model.set 'type', 'album'

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.