From 7c26d8547bd8efcd7506154385c9512fa4b5860c Mon Sep 17 00:00:00 2001 From: mStar Date: Tue, 17 Sep 2024 15:46:05 +0200 Subject: [PATCH] Banger role permission stuff --- storage/roles.go | 92 ++++++++++++++++++++++++++++-- storage/rolesDefaults.go | 118 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 206 insertions(+), 4 deletions(-) create mode 100644 storage/rolesDefaults.go diff --git a/storage/roles.go b/storage/roles.go index ace6e23..f881d0c 100644 --- a/storage/roles.go +++ b/storage/roles.go @@ -1,11 +1,95 @@ package storage +import ( + "gorm.io/gorm" +) + +// A role is, in concept, similar to how Discord handles roles +// Some permission can be either disallowed (&false), don't care (nil) or allowed (&true) +// Don't care just says to use the value from the next lower role where it is set type Role struct { - // Name of the role - Name string - // If set, counts as all permissions being set and all restrictions being disabled - FullAdmin bool // TODO: More control options // Extend upon whatever Masto, Akkoma and Misskey have // Lots of details please + + // --- Role metadata --- + + // Include full db model stuff + gorm.Model + + // Name of the role + Name string + + // Priority of the role + // Lower priority gets applied first and thus overwritten by higher priority ones + // If two roles have the same priority, the order is undetermined and may be random + // Default priority for new roles is 1 to always overwrite default user + // And full admin has max priority possible + Priority uint + // Whether this role is for a for a single user only (like custom, per user permissions in Discord) + // If yes, Name will be the id of the user in question + IsUserRole bool + + // Whether this role is one built into Linstrom from the start or not + // Note: Built-in roles can't be modified + IsBuiltIn bool + + // --- User permissions --- + CanSendMedia *bool + CanSendCustomEmotes *bool + CanSendCustomReactions *bool + CanSendPublicNotes *bool + CanSendLocalNotes *bool + CanSendFollowerOnlyNotes *bool + CanSendPrivateNotes *bool + CanSendReplies *bool + CanQuote *bool + CanBoost *bool + CanIncludeLinks *bool + CanIncludeSurvey *bool + + CanChangeDisplayName *bool + + BlockedUsers []string `gorm:"type:bytes;serializer:gob"` + CanSubmitReports *bool + CanLogin *bool + + CanMentionOthers *bool + HasMentionCountLimit *bool + MentionLimit *uint32 + + // CanViewBoosts *bool + // CanViewQuotes *bool + // CanViewMedia *bool + // CanViewCustomEmotes *bool + + // --- Automod --- + AutoNsfwMedia *bool + AutoCwPosts *bool + AutoCwPostsText *string + ScanCreatedPublicNotes *bool + ScanCreatedLocalNotes *bool + ScanCreatedFollowerOnlyNotes *bool + ScanCreatedPrivateNotes *bool + DisallowInteractionsWith []string `gorm:"type:bytes;serializer:gob"` + + WithholdNotesForManualApproval *bool + WithholdNotesBasedOnRegex *bool + WithholdNotesRegexes []string `gorm:"type:bytes;serializer:gob"` + + // --- Admin perms --- + // If set, counts as all permissions being set as given and all restrictions being disabled + FullAdmin *bool + CanAffectOtherAdmins *bool + CanDeleteNotes *bool + CanConfirmWithheldNotes *bool + CanAssignRoles *bool + CanSupressInteractionsBetweenUsers *bool + CanOverwriteDisplayNames *bool + CanManageCustomEmotes *bool + CanViewDeletedNotes *bool + CanRecoverDeletedNotes *bool + CanManageAvatarDecorations *bool + CanManageAds *bool + CanSendAnnouncements *bool } diff --git a/storage/rolesDefaults.go b/storage/rolesDefaults.go new file mode 100644 index 0000000..9330ee6 --- /dev/null +++ b/storage/rolesDefaults.go @@ -0,0 +1,118 @@ +package storage + +import ( + "math" + + "gitlab.com/mstarongitlab/goutils/other" +) + +var DefaultUserRole = Role{ + Name: "Default", + Priority: 0, + IsUserRole: false, + IsBuiltIn: true, + + CanSendMedia: other.IntoPointer(true), + CanSendCustomEmotes: other.IntoPointer(true), + CanSendCustomReactions: other.IntoPointer(true), + CanSendPublicNotes: other.IntoPointer(true), + CanSendLocalNotes: other.IntoPointer(true), + CanSendFollowerOnlyNotes: other.IntoPointer(true), + CanSendPrivateNotes: other.IntoPointer(true), + CanQuote: other.IntoPointer(true), + CanBoost: other.IntoPointer(true), + CanIncludeLinks: other.IntoPointer(true), + CanIncludeSurvey: other.IntoPointer(true), + + CanChangeDisplayName: other.IntoPointer(true), + + BlockedUsers: []string{}, + CanSubmitReports: other.IntoPointer(true), + CanLogin: other.IntoPointer(true), + + CanMentionOthers: other.IntoPointer(true), + HasMentionCountLimit: other.IntoPointer(false), + MentionLimit: other.IntoPointer(uint32(math.MaxUint32)), // Set this to max, even if not used due to *HasMentionCountLimit == false + + AutoNsfwMedia: other.IntoPointer(false), + AutoCwPosts: other.IntoPointer(false), + AutoCwPostsText: nil, + WithholdNotesForManualApproval: other.IntoPointer(false), + ScanCreatedPublicNotes: other.IntoPointer(false), + ScanCreatedLocalNotes: other.IntoPointer(false), + ScanCreatedFollowerOnlyNotes: other.IntoPointer(false), + ScanCreatedPrivateNotes: other.IntoPointer(false), + DisallowInteractionsWith: []string{}, + + FullAdmin: other.IntoPointer(false), + CanAffectOtherAdmins: other.IntoPointer(false), + CanDeleteNotes: other.IntoPointer(false), + CanConfirmWithheldNotes: other.IntoPointer(false), + CanAssignRoles: other.IntoPointer(false), + CanSupressInteractionsBetweenUsers: other.IntoPointer(false), + CanOverwriteDisplayNames: other.IntoPointer(false), + CanManageCustomEmotes: other.IntoPointer(false), + CanViewDeletedNotes: other.IntoPointer(false), + CanRecoverDeletedNotes: other.IntoPointer(false), + CanManageAvatarDecorations: other.IntoPointer(false), + CanManageAds: other.IntoPointer(false), + CanSendAnnouncements: other.IntoPointer(false), +} + +var fullAdminRole = Role{ + Name: "fullAdmin", + Priority: math.MaxUint, + IsUserRole: false, + IsBuiltIn: true, + + CanSendMedia: other.IntoPointer(true), + CanSendCustomEmotes: other.IntoPointer(true), + CanSendCustomReactions: other.IntoPointer(true), + CanSendPublicNotes: other.IntoPointer(true), + CanSendLocalNotes: other.IntoPointer(true), + CanSendFollowerOnlyNotes: other.IntoPointer(true), + CanSendPrivateNotes: other.IntoPointer(true), + CanQuote: other.IntoPointer(true), + CanBoost: other.IntoPointer(true), + CanIncludeLinks: other.IntoPointer(true), + CanIncludeSurvey: other.IntoPointer(true), + + CanChangeDisplayName: other.IntoPointer(true), + + BlockedUsers: []string{}, + CanSubmitReports: other.IntoPointer(true), + CanLogin: other.IntoPointer(true), + + CanMentionOthers: other.IntoPointer(true), + HasMentionCountLimit: other.IntoPointer(false), + MentionLimit: other.IntoPointer(uint32(math.MaxUint32)), // Set this to max, even if not used due to *HasMentionCountLimit == false + + AutoNsfwMedia: other.IntoPointer(false), + AutoCwPosts: other.IntoPointer(false), + AutoCwPostsText: nil, + WithholdNotesForManualApproval: other.IntoPointer(false), + ScanCreatedPublicNotes: other.IntoPointer(false), + ScanCreatedLocalNotes: other.IntoPointer(false), + ScanCreatedFollowerOnlyNotes: other.IntoPointer(false), + ScanCreatedPrivateNotes: other.IntoPointer(false), + DisallowInteractionsWith: []string{}, + + FullAdmin: other.IntoPointer(true), + CanAffectOtherAdmins: other.IntoPointer(true), + CanDeleteNotes: other.IntoPointer(true), + CanConfirmWithheldNotes: other.IntoPointer(true), + CanAssignRoles: other.IntoPointer(true), + CanSupressInteractionsBetweenUsers: other.IntoPointer(true), + CanOverwriteDisplayNames: other.IntoPointer(true), + CanManageCustomEmotes: other.IntoPointer(true), + CanViewDeletedNotes: other.IntoPointer(true), + CanRecoverDeletedNotes: other.IntoPointer(true), + CanManageAvatarDecorations: other.IntoPointer(true), + CanManageAds: other.IntoPointer(true), + CanSendAnnouncements: other.IntoPointer(true), +} + +var allDefaultRoles = []*Role{ + &DefaultUserRole, + &fullAdminRole, +}