feat(be): add role based checks

2024-11-23 12:30:41 +01:00 · 2023-07-07 22:15:16 +02:00 · 2023-07-07 22:15:16 +02:00 · 23841a240f
commit 23841a240f
parent 29b38c446c
1 changed files with 33 additions and 5 deletions
--- a/db/ProjectUser.go
+++ b/db/ProjectUser.go
@ -1,8 +1,36 @@
 package db

-type ProjectUser struct {
-	ID        int  `db:"id" json:"-"`
-	ProjectID int  `db:"project_id" json:"project_id"`
-	UserID    int  `db:"user_id" json:"user_id"`
-	Admin     bool `db:"admin" json:"admin"`
+type ProjectUserRole string
+
+const (
+	ProjectUserOwner  ProjectUserRole = "owner"
+	ProjectUserRunner ProjectUserRole = "runner"
+	ProjectUserGuest  ProjectUserRole = "guest"
+)
+
+type ProjectUserPermission int
+
+const (
+	ProjectUserCanRunTask ProjectUserPermission = 1 << iota
+	ProjectCanEditProjectSettings
+	ProjectCanRunTasks
+)
+
+var rolePermissions = map[ProjectUserRole]ProjectUserPermission{
+	ProjectUserOwner:  ProjectUserCanRunTask | ProjectCanEditProjectSettings | ProjectCanRunTasks,
+	ProjectUserRunner: ProjectCanRunTasks,
+	ProjectUserGuest:  0,
+}
+
+type ProjectUser struct {
+	ID        int             `db:"id" json:"-"`
+	ProjectID int             `db:"project_id" json:"project_id"`
+	UserID    int             `db:"user_id" json:"user_id"`
+	Admin     bool            `db:"admin" json:"admin"`
+	Role      ProjectUserRole `db:"role" json:"role"`
+}
+
+func (u *ProjectUser) Can(permissions ProjectUserPermission) bool {
+	userPermissions := rolePermissions[u.Role]
+	return (userPermissions & userPermissions) == permissions
 }